Lucene search

[email protected]CVE-2001-1326

HistoryMay 29, 2001 - 4:00 a.m.

CVE-2001-1326

2001-05-2904:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

eudora 5.1

remote attackers

arbitrary code execution

html email

nvd

cve-2001-1326

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.0%

JSON

Eudora 5.1 allows remote attackers to execute arbitrary code when the “Use Microsoft Viewer” option is enabled and the “allow executables in HTML content” option is disabled, via an HTML email with a form that is activated from an image that the attacker spoofs as a link, which causes the user to execute the form and access embedded attachments.

CPENameOperatorVersion
qualcomm:eudoraqualcomm eudoraeq5.1

CPE	Name	Operator	Version
qualcomm:eudora	qualcomm eudora	eq	5.1

References

www.securityfocus.com/archive/1/187128

www.securityfocus.com/bid/2796

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.0%

JSON

Related for CVE-2001-1326

cvelist1