Lucene search

K
cve[email protected]CVE-2001-0365
HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0365

2002-03-0905:00:00
web.nvd.nist.gov
23
eudora
remote attacker
execution arbitrary code
javascript
activex
html email.

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.041 Low

EPSS

Percentile

92.2%

Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the ‘Use Microsoft Viewer’ and ‘allow executables in HTML content’ options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags.

Affected configurations

NVD
Node
qualcommeudoraRange5.1
OR
qualcommeudoraMatch5.0.2

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.041 Low

EPSS

Percentile

92.2%

Related for CVE-2001-0365