Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2003-0336 CVE-2000-0342

Publish Date: 28 Apr 2000

                							

                source: http://www.securityfocus.com/bid/1157/info

A malicious email sender can circumvent warning messages that would normally display when a user attempts to view executable attachments in Eudora 4.2/4.3. Eudora does not prompt a user with the warning message if they are attempting to open a file that is neither .exe, .com, or .bat.

Inserting the tag
&lt;a &amp;nbsp;href="file:///c:/eudora/attach/file.lnk"\&gt;http&amp;nbsp;://www.example.com&lt;/&amp;nbsp;a&gt;
in an email message will display as:
http&amp;nbsp;://www.example.com
in a Eudora email client.

Therefore, when a user clicks on this link, it will automatically open up the executable file without warning.

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Qualcomm Eudora 4.2/4.3 - Warning Message Circumvention

Vulmon Search

About

Products

Connect