Lucene search
+L
QualcommEudora

23 matches found

CVE
CVE
added 2001/09/12 4:0 a.m.71 views

CVE-1999-1016

CVE-1999-1016 concerns the Microsoft HTML control used in Internet Explorer 5.0, FrontPage Express, Outlook Express 5, and Eudora. The vulnerability allows a remote attacker (via a malicious web site or HTML email) to trigger a denial of service by crafting large HTML form fields (e.g., text inpu...

5CVSS7.4AI score0.07702EPSS
CVE
CVE
added 2003/05/15 4:0 a.m.65 views

CVE-2003-0300

CVE-2003-0300 concerns the IMAP Client for Sylpheed 0.8.11. A remote IMAP server can trigger a denial-of-service (crash) by sending certain large literal size values that lead to signedness errors or integer overflow in the client. The available sources describe the vulnerability as a DoS conditi...

5CVSS7.3AI score0.03359EPSS
CVE
CVE
added 2007/05/21 9:0 p.m.59 views

CVE-2007-2770

CVE-2007-2770: A stack-based buffer overflow in Eudora 7.1’s SMTP handling enables a remote, user-assisted attacker to execute arbitrary code via a long SMTP reply. The issue requires the user to click through a warning for exploitation. No remediation details are provided in the connected docume...

9.3CVSS7.9AI score0.02923EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.57 views

CVE-1999-1448

Affected software: Eudora and Eudora Light before 3.05. Vulnerable component: e-mail processing using dates in messages. Root cause: certain dates cause Divide By Zero errors (dates before 1970) or segmentation faults (dates ~100 years after current date). Impact: remote attacker could cause a cr...

5CVSS7.5AI score0.00794EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.57 views

CVE-2001-1326

CVE-2001-1326 affects Eudora 5.1, where remote code execution is possible when the "Use Microsoft Viewer" option is on and the "allow executables in HTML content" option is off. An HTML email containing a form activated from an image spoofed as a link causes the user to execute the form and acces...

7.5CVSS7.8AI score0.02698EPSS
CVE
CVE
added 2007/06/11 10:0 p.m.56 views

CVE-2007-3166

CVE-2007-3166 describes a buffer overflow in Qualcomm Eudora 7.1.0.9 that allows a user-assisted, remote IMAP server to execute arbitrary code via a long FLAGS response to a SELECT INBOX command. The CVE is documented in NVD with a base score of 6.8 (Medium) and an attack vector of NETWORK with n...

6.8CVSS7.8AI score0.02086EPSS
CVE
CVE
added 2000/07/12 4:0 a.m.55 views

CVE-2000-0342

CVE-2000-0342 (Eudora 4.x) describes a vulnerability where remote attackers can bypass the user warning for executable attachments (.exe, .com, .bat) by using a .lnk file that references the attachment, a.k.a. “Stealth Attachment.” The linked PT-2000-1308 entry confirms the affected software as E...

7.5CVSS7.2AI score0.03453EPSS
CVE
CVE
added 2007/10/29 7:0 p.m.55 views

CVE-2002-2351

CVE-2002-2351 affects Eudora 5.1. An attacker could bypass security warnings and possibly execute arbitrary code through email attachments where the name ends with a trailing dot. The connected documents confirm this behavior across Red Hat, CVE listings, and NVD references, all citing the same d...

6.4CVSS8.1AI score0.02645EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.54 views

CVE-1999-0427

CVE-1999-0427 affects Eudora 4.1. A remote attacker can cause a denial of service by sending attachments with long file names. The issue originates from how long filenames are processed during attachment handling. Reports (Red Hat, NVD/NVD listing, PT Security) confirm the DoS impact; exploitatio...

7.5CVSS7.1AI score0.01212EPSS
CVE
CVE
added 2005/02/19 5:0 a.m.54 views

CVE-2004-1521

The CVE-2004-1521 issue affects Eudora 6.2.0.14 where forwarding an email containing base64 or quoted-printable encoded attachments fails to warn, enabling a remote attacker to read arbitrary files via spoofed Converted headers. The underlying cause is improper handling/validation of encoded atta...

5CVSS7.1AI score0.01724EPSS
CVE
CVE
added 2005/05/10 4:0 a.m.54 views

CVE-2004-1944

CVE-2004-1944 affects Eudora 6.1 and 6.0.3 for Windows, where processing a deeply nested multipart MIME message can cause a remote denial-of-service (crash). The available sources confirm the affected product and the crash impact, but no patch/version remediation details are provided in the docum...

5CVSS7AI score0.01891EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.53 views

CVE-2001-0365

In the provided records, CVE-2001-0365 affects Eudora before 5.1. The vulnerability arises when the email client is configured with “Use Microsoft Viewer” and “allow executables in HTML content” enabled, allowing a remote attacker to execute arbitrary code via an HTML email containing Javascript ...

7.5CVSS7.6AI score0.03188EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.52 views

CVE-2000-0874

The CVE-2000-0874 entry describes a vulnerability in the Eudora mail client where the absolute path of the sender’s host is disclosed within a virtual card (VCF). Affected component is the VCF handling/serialization in Eudora; root cause is path disclosure leading to potential exposure of local s...

5CVSS7AI score0.00834EPSS
CVE
CVE
added 2003/06/06 4:0 a.m.50 views

CVE-2003-0376

This CVE concerns Eudora 5.2.1, where a buffer overflow in the Attachment Converted argument with a large sequence of dots can be triggered remotely to cause a denial of service and potentially execute arbitrary code. Affected component: Eudora mail client; root cause: unbounded input handling le...

5CVSS8.4AI score0.02374EPSS
CVE
CVE
added 2002/06/11 4:0 a.m.49 views

CVE-2002-0456

CVE-2002-0456 affects Eudora 5.1 and earlier. The issue arises because attachments are stored in a directory with a fixed name, which could enable attackers to exploit vulnerabilities in other software that rely on installing/reading files from directories with known pathnames. The provided docum...

5CVSS7.1AI score0.00791EPSS
CVE
CVE
added 2002/11/21 5:0 a.m.49 views

CVE-2002-1210

Vulnerability summary (CVE-2002-1210) : Qualcomm Eudora 5.1.1, 5.2 (and possibly other versions) stores email attachments in a predictable location. This enables remote attackers to read arbitrary files by sending a link that loads an attachment containing malicious script into a frame, where the...

5CVSS7AI score0.00811EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.48 views

CVE-2001-0677

Eudora 5.0.2 is affected. A remote attacker can read arbitrary files by crafting an email whose Attachment Converted MIME header contains the path to a target file; when the user forwards the message, the file is sent to the attacker. Root cause involves improper handling of the Attachment Conver...

5CVSS7AI score0.01059EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.48 views

CVE-2002-1770

Qualcomm Eudora 5.1 is affected. The vulnerability allows remote code execution via an HTML e-mail that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript, which is launched and executed in the My Computer zone by Internet Explorer. The pr...

5CVSS7.5AI score0.01743EPSS
CVE
CVE
added 2003/05/23 4:0 a.m.48 views

CVE-2003-0336

Qualcomm Eudora 5.2.1 is affected by CVE-2003-0336. A remote attacker can read arbitrary files by sending an email message that contains a carriage return (CR) in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora. This represents a file-read vulnerability via craft...

5CVSS7.1AI score0.0161EPSS
CVE
CVE
added 2007/10/26 7:0 p.m.47 views

CVE-2002-2313

The vulnerability CVE-2002-2313 affects Eudora email client 5.1.1 when the “use Microsoft viewer” option is enabled. An HTML email containing a META refresh tag that references an embedded .mhtml file with ActiveX controls can trigger execution of a second embedded program processed by Internet E...

8.8CVSS7.6AI score0.00826EPSS
CVE
CVE
added 2005/05/10 4:0 a.m.47 views

CVE-2004-2005

CVE-2004-2005 describes a buffer overflow in Eudora for Windows versions 5.2.1, 6.0.3, and 6.1. An attacker could trigger remote arbitrary code execution by sending an email containing (1) a link to a long URL to the C drive or (2) a long attachment name. The provided documents do not specify a p...

5.1CVSS8.4AI score0.0349EPSS
CVE
CVE
added 2002/08/07 4:0 a.m.45 views

CVE-2002-0833

CVE-2002-0833 concerns a buffer overflow in Eudora for Windows (notably versions 5.1.1 and 5.0-J) triggered by processing a malicious MIME multipart message with an excessively long boundary string. The vulnerability resides in the multipart boundary handling, allowing remote attackers to potenti...

7.5CVSS8.4AI score0.02996EPSS
CVE
CVE
added 2003/05/15 4:0 a.m.45 views

CVE-2003-0302

The CVE-2003-0302 entry concerns the IMAP Client for Eudora 5.2.1. The underlying issue is integer signedness/overflow errors triggered by certain large literal size values from a remote IMAP server, enabling a denial of service and potentially arbitrary code execution. Public documentation confi...

5CVSS8.4AI score0.01197EPSS