Remote Code Execution Vulnerability in Qualcomm Eudora Email Client
CVE-2002-1770

Currently unrated

Key Information:

Vendor: Qualcomm
Status: Eudora
Vendor: CVE Published:; 31 December 2002

Summary

The vulnerability in Qualcomm Eudora 5.1 allows attackers to execute arbitrary code by crafting a malicious HTML email containing a file:// URL in a t:video tag. This URL points to an attached Windows Media Player file embedded with JavaScript code, which, when opened in the My Computer zone by Internet Explorer, can lead to unauthorized actions on the user's system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/8609

vdb-entryx_refsource_XF

http://marc.info/?l=ntbugtraq&m=101680201823534&w=2

mailing-listx_refsource_NTBUGTRAQ

http://marc.info/?l=bugtraq&m=101680576827641&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Jun 21, 2005
Vulnerability published
Dec 31, 2002