Directory Traversal Vulnerability in Eudora Email Client

CVE-2002-0456

Summary

Eudora email client versions 5.1 and prior have a vulnerability that allows the storage of email attachments in a universally accessible directory. This fixed directory naming convention can be exploited by attackers to gain unauthorized access to sensitive information, leveraging other software vulnerabilities that depend on known directory paths. As a result, an attacker could manipulate file access to execute malicious actions.

References