Lucene search
+L

6475 matches found

exploitdb
exploitdb
added 2002/08/08 12:0 a.m.28 views

Qualcomm Eudora 5/6 - File Attachment Spoofing (2)

source: https://www.securityfocus.com/bid/5432/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into executing malicious content, and in avoiding generating...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2002/08/08 12:0 a.m.24 views

Qualcomm Eudora 5/6 - File Attachment Spoofing (1)

source: https://www.securityfocus.com/bid/5432/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into executing malicious content, and in avoiding generating...

7AI score
Exploits0
exploitpack
exploitpack
added 2002/08/08 12:0 a.m.16 views

Qualcomm Eudora 56 - File Attachment Spoofing (2)

Qualcomm Eudora 56 - File Attachment Spoofing 2 source: https://www.securityfocus.com/bid/5432/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into executing...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2002/07/29 12:0 a.m.23 views

Microsoft Outlook Express 6 - '.XML' File Attachment Script Execution

source: https://www.securityfocus.com/bid/5350/info An error has been reported in Microsoft Outlook Express which may allow malicious XML file attachments to execute arbitrary code in the context of the local system. Code execution could occur when the file attachment is opened, without further...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/07/20 12:0 a.m.11 views

Microsoft Outlook Express 56 - Spoofable File Extensions

Microsoft Outlook Express 56 - Spoofable File Extensions source: https://www.securityfocus.com/bid/5277/info It is possible for a malicious user, sending email via a mail agent capable of manipulating the MIME headers, to spoof file extensions for users of Outlook Express. For example, an .exe fi...

7.4AI score
Exploits0
cvelist
cvelist
added 2002/06/25 4:0 a.m.22 views

CVE-2001-1099

The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice...

6.6AI score0.03176EPSS
Exploits0References4
cvelist
cvelist
added 2002/06/11 4:0 a.m.22 views

CVE-2002-0456

Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames...

6.7AI score0.00791EPSS
Exploits0References4
cvelist
cvelist
added 2002/06/11 4:0 a.m.25 views

CVE-2002-0455

IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames...

6.7AI score0.01343EPSS
Exploits1References3
securityvulns
securityvulns
added 2002/06/04 12:0 a.m.41 views

QNX

Shouts Zen-parse, lockdown, sloth, ^ChAoS, elfan, Albert E., S. Hawking, Ali G, Jenna Jameson flur, FreeBSD Security Officers, the guy that used to clean our desks every morning and still cleans jaguars desk., QNX developers, Jon Lasser col/67, merlions girlfriend, ourselves and Jenna again. Issu...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2002/06/04 12:0 a.m.47 views

MIME::Tools Perl module and virus scanners

Background ---------- MIME::Tools is a very nice Perl module for parsing and constructing MIME-encoded mail messages. The latest stable version is 5.411a. MIME::Tools works very well on valid MIME messages. However, there are a number of problems if you use it to implement server-based mail...

7.1AI score
Exploits0
cvelist
cvelist
added 2002/05/03 4:0 a.m.25 views

CVE-2001-1282

Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information...

6.3AI score0.02188EPSS
Exploits0References3
cve
cve
added 2002/05/03 4:0 a.m.40 views

CVE-2002-0338

The CVE-2002-0338 issue affects The Bat! mail client, specifically version 1.53d and 1.54beta (and possibly others). A remote attacker can trigger a denial of service (crash) by sending an attachment whose filename includes an MS-DOS device name. The available references confirm the consequence a...

5CVSS7.1AI score0.03282EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2002/05/03 4:0 a.m.20 views

CVE-2002-0338

The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service crash via an attachment whose name includes an MS-DOS device name...

6.8AI score0.03282EPSS
Exploits1References3
security_vulns
security_vulns
added 2002/03/26 12:0 a.m.284 views

Bypassing content filtering

There are common methods allowing to bypass almost any content filtering software antiviral products, CVP firewalls, mail attachment filters, etc. I believe multiple products are vulnerable. Contents: I. Bypassing attachment detection or invalid detection of attachment type. 1. Encoded filename o...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2002/03/22 12:0 a.m.28 views

Automatically opening IE + Executing attachments

GreyMagic Security Advisory GM002-IE ===================================== By GreyMagic Software, Israel. 22 Mar 2002. Available in HTML format at http://security.greymagic.com/adv/gm002-ie/ Topic: Automatically opening IE + Executing attachments. Discovery date: 15 Mar 2002. Important note:...

6AI score
Exploits0
cve
cve
added 2002/03/09 5:0 a.m.48 views

CVE-1999-1263

CVE-1999-1263 affects Metamail prior to 2.7-7.2. A remote attacker can overwrite arbitrary files via an e-mail with a uuencoded attachment that specifies a full pathname, processed by Metamail scripts such as sun-audio-file. Root cause is the handling of uuencode in Metamail scripts, enabling arb...

2.6CVSS7.2AI score0.00976EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2002/03/09 5:0 a.m.17 views

CVE-1999-1263

Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file...

6.8AI score0.00976EPSS
Exploits0References2
cve
cve
added 2002/03/09 5:0 a.m.48 views

CVE-2001-0677

Eudora 5.0.2 is affected. A remote attacker can read arbitrary files by crafting an email whose Attachment Converted MIME header contains the path to a target file; when the user forwards the message, the file is sent to the attacker. Root cause involves improper handling of the Attachment Conver...

5CVSS7AI score0.01059EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2002/03/09 5:0 a.m.21 views

CVE-2001-0692

SMTP proxy in WatchGuard Firebox 2500 and 4500 4.5 and 4.6 allows a remote attacker to bypass firewall filtering via a base64 MIME encoded email attachment whose boundary name ends in two dashes...

6.6AI score0.01786EPSS
Exploits1References4
securityvulns
securityvulns
added 2002/03/09 12:0 a.m.54 views

SECURITY.NNOV: Bypassing content filtering software

There are common methods allowing to bypass almost any content filtering software antiviral products, CVP firewalls, mail attachment filtering, etc. I believe multiple products are vulnerable. Contents: I. Bypassing attachment detection or invalid detection of attachment type. 1. Encoded filename...

7.2AI score
Exploits0
Rows per page
Query Builder