Remote Code Execution Vulnerability in Eudora Email Client by Qualcomm
CVE-2002-2313

Currently unrated

Key Information:

Vendor: Qualcomm
Status: Eudora
Vendor: CVE Published:; 31 December 2002

Summary

The Eudora email client version 5.1.1 allows remote attackers to execute arbitrary programs by crafting malicious HTML email messages. When the 'use Microsoft viewer' feature is enabled, these emails can contain a META refresh tag that points to an embedded .mhtml file. Internet Explorer processes this file, which may contain ActiveX controls that execute further embedded programs, thus compromising the user's system security.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2002-J...

mailing-listx_refsource_FULLDISC

http://www.iss.net/security_center/static/9654.php

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002