Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote malicious users to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qualcomm eudora 5.1.1 |
||
qualcomm eudora 5.2 |