Lucene search

[email protected]CVE-2002-0456

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0456

2002-08-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

information security

software vulnerability

eudora

nvd

exploits

cve-2002-0456

7.4 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

61.7%

JSON

Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames.

CPENameOperatorVersion
qualcomm:eudoraqualcomm eudoraeq5.1

CPE	Name	Operator	Version
qualcomm:eudora	qualcomm eudora	eq	5.1

References

marc.info/?l=bugtraq&m=101622857703677&w=2

www.iss.net/security_center/static/8487.php

www.securityfocus.com/archive/1/262704

www.securityfocus.com/bid/4306

7.4 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

61.7%

JSON