6475 matches found
SCT Campus Pipeline 1.02.x3.x - Email Attachment Script Injection
SCT Campus Pipeline 1.02.x3.x - Email Attachment Script Injection source: https://www.securityfocus.com/bid/10154/info It has been reported that Campus Pipeline is prone to a remote email attachment script injection vulnerability. This issue is due to a failure of the application to properly...
SCT Campus Pipeline 1.0/2.x/3.x - Email Attachment Script Injection
source: https://www.securityfocus.com/bid/10154/info It has been reported that Campus Pipeline is prone to a remote email attachment script injection vulnerability. This issue is due to a failure of the application to properly sanitize user supplied HTML and script code contained in email...
Buffer overflows and format string bugs in Emil
Ulf Härnhammar reports multiple buffer overflows in Emil, some of which are triggered during the parsing of attachment filenames. In addition, some format string bugs are present in the error reporting code. Depending upon local configuration, these vulnerabilities may be exploited using speciall...
Eudora 6.0.3 Attachment Spoofing Exploit (windows)
Exploit for unknown platform in category remote exploits ================================================== Eudora 6.0.3 Attachment Spoofing Exploit windows ================================================== !/usr/bin/perl -- use MIME::Base64; print "From: me\n"; print "To: you\n"; print "Subject...
Eudora 6.0.3 (Windows) - Attachment Spoofing
Eudora 6.0.3 Windows - Attachment Spoofing !/usr/bin/perl -- use MIME::Base64; print "From: me\n"; print "To: you\n"; print "Subject: Eudora 6.0.3 on Windows spoof, LaunchProtect\n"; print "MIME-Version: 1.0\n"; print "Content-Type: multipart/mixed; boundary="zzz"\n"; print "\n"; print "This is a...
Eudora 6.0.3 (Windows) - Attachment Spoofing
!/usr/bin/perl -- use MIME::Base64; print "From: me\n"; print "To: you\n"; print "Subject: Eudora 6.0.3 on Windows spoof, LaunchProtect\n"; print "MIME-Version: 1.0\n"; print "Content-Type: multipart/mixed; boundary="zzz"\n"; print "\n"; print "This is a multi-part message in MIME format.\n";...
CVE-2003-1154
MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants...
CVE-2003-1451
Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename...
CVE-2003-1477
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service CPU consumption via a PowerPoint attachment that either 1 is corrupt or 2 contains "embedded objects."...
CVE-2003-1330
Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove...
Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass (2)
source: https://www.securityfocus.com/bid/9101/info A problem has been identified in the implementation of LaunchProtect within Eudora. Because of this, it may be possible to trick users into performing dangerous actions. May 21, 2004 - Eudora version 6.1.1 has been released, however, it is...
Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass (1)
source: https://www.securityfocus.com/bid/9101/info A problem has been identified in the implementation of LaunchProtect within Eudora. Because of this, it may be possible to trick users into performing dangerous actions. May 21, 2004 - Eudora version 6.1.1 has been released, however, it is...
Microsoft Outlook 5.52000 - Web Access HTML Attachment Script Execution
Microsoft Outlook 5.52000 - Web Access HTML Attachment Script Execution source: https://www.securityfocus.com/bid/8113/info OWA contains a vulnerability that may result in attacker-supplied script code executing within the context of the mail interface when processing e-mail containing HTML messa...
Mikmod buffer overflow
Buffer overflow then reading article with oversized attachment filename...
Re: Eudora 5.2.1 attachment spoof
Building on my Eudora attachment spoof http://www.securityfocus.com/archive/1/322286 I have now found better games to play: From: me To: you Ensure victim has both attachments 'calc' and 'calc.exe' sent in this, or previous, email. Then the following shows 'windows' icon and runs calc.exe without...
CVE-2003-0336
Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return CR character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora...
Eudora 5.2.1 buffer overflow DoS
Building on my Eudora attachment spoof http://www.securityfocus.com/archive/1/322286 I notice that sending a filename with many dots crashes Eudora, e.g. From: me To: you Attachment ConvertedCR: "B.A.A.A ... .A.A.A" with 122 repetitions of ".A" make it crash, writing an Exception.log file. Fewer...
CVE-2003-0336
Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return CR character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora...
Qualcomm Eudora 5.2.16.0 - File Attachment Spoofing Variant
Qualcomm Eudora 5.2.16.0 - File Attachment Spoofing Variant source: https://www.securityfocus.com/bid/7653/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into...
Qualcomm Eudora 5.2.1/6.0 - File Attachment Spoofing Variant
source: https://www.securityfocus.com/bid/7653/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into executing malicious content. It is possible to refer to othe...