Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2000-0342

Published: 28/04/2000 Updated: 02/02/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 520
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Eudora

Vulnerability Summary

Eudora 4.x allows remote malicious users to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."

Vulnerable Product Search on Vulmon Subscribe to Product

qualcomm eudora 4.0

Exploits

Exploit DB: Qualcomm Eudora 4.2/4.3 - Warning Message Circumvention
source: wwwsecurityfocuscom/bid/1157/info A malicious email sender can circumvent warning messages that would normally display when a user attempts to view executable attachments in Eudora 42/43 Eudora does not prompt a user with the warning message if they are attempting to open a file that is neither exe, com, or bat Inserting t ...
Exploit DB: Qualcomm Eudora 5.2.1/6.0 - File Attachment Spoofing Variant
source: wwwsecurityfocuscom/bid/7653/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment This may aid an attacker in enticing a user of the e-mail client into executing malicious content It is possible to refer to other files or attachments in a message through speciall ...
Exploit DB: Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass Weakness (1)
source: wwwsecurityfocuscom/bid/9101/info A problem has been identified in the implementation of LaunchProtect within Eudora Because of this, it may be possible to trick users into performing dangerous actions ** May 21, 2004 - Eudora version 611 has been released, however, it is reported that the new versions is vulnerable to this i ...
Exploit DB: Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass Weakness (2)
source: wwwsecurityfocuscom/bid/9101/info A problem has been identified in the implementation of LaunchProtect within Eudora Because of this, it may be possible to trick users into performing dangerous actions ** May 21, 2004 - Eudora version 611 has been released, however, it is reported that the new versions is vulnerable to this ...

References

CWE-59http://news.cnet.com/news/0-1005-200-1773077.html?tag=st.ne.fd.lthd.1005-200-1773077http://www.peacefire.org/security/stealthattach/explanation.htmlhttp://www.securityfocus.com/bid/1157https://nvd.nist.govhttps://www.exploit-db.com/exploits/19885/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook