Lucene search
+L

6475 matches found

exploitpack
exploitpack
added 2004/04/15 12:0 a.m.21 views

SCT Campus Pipeline 1.02.x3.x - Email Attachment Script Injection

SCT Campus Pipeline 1.02.x3.x - Email Attachment Script Injection source: https://www.securityfocus.com/bid/10154/info It has been reported that Campus Pipeline is prone to a remote email attachment script injection vulnerability. This issue is due to a failure of the application to properly...

7.7AI score
Exploits0
exploitdb
exploitdb
added 2004/04/15 12:0 a.m.33 views

SCT Campus Pipeline 1.0/2.x/3.x - Email Attachment Script Injection

source: https://www.securityfocus.com/bid/10154/info It has been reported that Campus Pipeline is prone to a remote email attachment script injection vulnerability. This issue is due to a failure of the application to properly sanitize user supplied HTML and script code contained in email...

7.4AI score
Exploits0
freebsd
freebsd
added 2004/03/24 12:0 a.m.36 views

Buffer overflows and format string bugs in Emil

Ulf Härnhammar reports multiple buffer overflows in Emil, some of which are triggered during the parsing of attachment filenames. In addition, some format string bugs are present in the error reporting code. Depending upon local configuration, these vulnerabilities may be exploited using speciall...

7.5CVSS7.3AI score0.04146EPSS
Exploits0References2
zdt
zdt
added 2004/03/19 12:0 a.m.21 views

Eudora 6.0.3 Attachment Spoofing Exploit (windows)

Exploit for unknown platform in category remote exploits ================================================== Eudora 6.0.3 Attachment Spoofing Exploit windows ================================================== !/usr/bin/perl -- use MIME::Base64; print "From: me\n"; print "To: you\n"; print "Subject...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2004/03/19 12:0 a.m.16 views

Eudora 6.0.3 (Windows) - Attachment Spoofing

Eudora 6.0.3 Windows - Attachment Spoofing !/usr/bin/perl -- use MIME::Base64; print "From: me\n"; print "To: you\n"; print "Subject: Eudora 6.0.3 on Windows spoof, LaunchProtect\n"; print "MIME-Version: 1.0\n"; print "Content-Type: multipart/mixed; boundary="zzz"\n"; print "\n"; print "This is a...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2004/03/19 12:0 a.m.47 views

Eudora 6.0.3 (Windows) - Attachment Spoofing

!/usr/bin/perl -- use MIME::Base64; print "From: me\n"; print "To: you\n"; print "Subject: Eudora 6.0.3 on Windows spoof, LaunchProtect\n"; print "MIME-Version: 1.0\n"; print "Content-Type: multipart/mixed; boundary="zzz"\n"; print "\n"; print "This is a multi-part message in MIME format.\n";...

7.4AI score
Exploits0
nvd
nvd
added 2003/12/31 5:0 a.m.15 views

CVE-2003-1154

MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants...

7.5CVSS6.6AI score0.01669EPSS
Exploits0References5
nvd
nvd
added 2003/12/31 5:0 a.m.17 views

CVE-2003-1451

Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename...

6.4CVSS7.9AI score0.03328EPSS
Exploits0References5
nvd
nvd
added 2003/12/31 5:0 a.m.22 views

CVE-2003-1477

MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service CPU consumption via a PowerPoint attachment that either 1 is corrupt or 2 contains "embedded objects."...

7.8CVSS6.7AI score0.01602EPSS
Exploits0References3
nvd
nvd
added 2003/12/31 5:0 a.m.15 views

CVE-2003-1330

Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove...

5CVSS7AI score0.01414EPSS
Exploits0References3
exploitdb
exploitdb
added 2003/11/25 12:0 a.m.25 views

Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass (2)

source: https://www.securityfocus.com/bid/9101/info A problem has been identified in the implementation of LaunchProtect within Eudora. Because of this, it may be possible to trick users into performing dangerous actions. May 21, 2004 - Eudora version 6.1.1 has been released, however, it is...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2003/11/25 12:0 a.m.26 views

Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass (1)

source: https://www.securityfocus.com/bid/9101/info A problem has been identified in the implementation of LaunchProtect within Eudora. Because of this, it may be possible to trick users into performing dangerous actions. May 21, 2004 - Eudora version 6.1.1 has been released, however, it is...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/07/05 12:0 a.m.15 views

Microsoft Outlook 5.52000 - Web Access HTML Attachment Script Execution

Microsoft Outlook 5.52000 - Web Access HTML Attachment Script Execution source: https://www.securityfocus.com/bid/8113/info OWA contains a vulnerability that may result in attacker-supplied script code executing within the context of the mail interface when processing e-mail containing HTML messa...

Exploits0
securityvulns
securityvulns
added 2003/06/14 12:0 a.m.43 views

Mikmod buffer overflow

Buffer overflow then reading article with oversized attachment filename...

4.7AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2003/05/28 12:0 a.m.33 views

Re: Eudora 5.2.1 attachment spoof

Building on my Eudora attachment spoof http://www.securityfocus.com/archive/1/322286 I have now found better games to play: From: me To: you Ensure victim has both attachments 'calc' and 'calc.exe' sent in this, or previous, email. Then the following shows 'windows' icon and runs calc.exe without...

0.8AI score
Exploits0
cvelist
cvelist
added 2003/05/23 4:0 a.m.17 views

CVE-2003-0336

Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return CR character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora...

6.7AI score0.0161EPSS
Exploits0References1
securityvulns
securityvulns
added 2003/05/23 12:0 a.m.22 views

Eudora 5.2.1 buffer overflow DoS

Building on my Eudora attachment spoof http://www.securityfocus.com/archive/1/322286 I notice that sending a filename with many dots crashes Eudora, e.g. From: me To: you Attachment ConvertedCR: "B.A.A.A ... .A.A.A" with 122 repetitions of ".A" make it crash, writing an Exception.log file. Fewer...

1.1AI score
Exploits0
nvd
nvd
added 2003/05/22 4:0 a.m.16 views

CVE-2003-0336

Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return CR character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora...

5CVSS6.7AI score0.0161EPSS
Exploits0References1
exploitpack
exploitpack
added 2003/05/22 12:0 a.m.15 views

Qualcomm Eudora 5.2.16.0 - File Attachment Spoofing Variant

Qualcomm Eudora 5.2.16.0 - File Attachment Spoofing Variant source: https://www.securityfocus.com/bid/7653/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into...

0.1AI score
Exploits0
exploitdb
exploitdb
added 2003/05/22 12:0 a.m.20 views

Qualcomm Eudora 5.2.1/6.0 - File Attachment Spoofing Variant

source: https://www.securityfocus.com/bid/7653/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into executing malicious content. It is possible to refer to othe...

7AI score
Exploits0
Rows per page
Query Builder