CVE-2004-2301
https://notcve.org/view.php?id=CVE-2004-2301
Eudora before 6.1.1 allows remote attackers to cause a denial of service (crash) via an e-mail with a long "To:" field, possibly due to a buffer overflow. • http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt http://www.securityfocus.com/bid/10398 https://exchange.xforce.ibmcloud.com/vulnerabilities/16246 •
CVE-2002-2313
https://notcve.org/view.php?id=CVE-2002-2313
Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer. • http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000644.html http://www.iss.net/security_center/static/9654.php •
CVE-2002-2351 – Qualcomm Eudora 5/6 - File Attachment Spoofing
https://notcve.org/view.php?id=CVE-2002-2351
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot). • https://www.exploit-db.com/exploits/21695 https://www.exploit-db.com/exploits/21696 http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00142.html http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt http://www.securityfocus.com/bid/5432 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2002-1210
https://notcve.org/view.php?id=CVE-2002-1210
Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context. Qualcomm Eudora 5.1.1, 5.2, y posiblemente otras versiones almacenan adjuntos de correo electrónico en una localización predecible, lo que permite a atacantes remotos leer ficheros arbitrarios mediante un enlace que carga un adjunto con script malicioso en un marco, el cual ejecuta el script en el contexto del navegador local. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0079.html http://www.idefense.com/advisory/11.19.02b.txt •
CVE-2002-0833 – Qualcomm Eudora 5 - MIME MultiPart Boundary Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0833
Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string. • https://www.exploit-db.com/exploits/21680 http://marc.info/?l=bugtraq&m=102858453720304&w=2 http://marc.info/?l=bugtraq&m=102883538924494&w=2 http://www.iss.net/security_center/static/9765.php http://www.securityfocus.com/bid/5397 •