Attachment Spoofing Vulnerability in Eudora 5.1 Allows Code Execution
CVE-2002-2351

Currently unrated

Key Information:

Vendor: Qualcomm
Status: Eudora
Vendor: CVE Published:; 31 December 2002

Summary

Eudora 5.1 contains a vulnerability that enables remote attackers to bypass essential security warnings. Attackers can exploit this issue by crafting attachments with names that contain a trailing period (dot), which may lead to the execution of arbitrary code on the victim's system, compromising its security and integrity. This flaw emphasizes the importance of validating attachment names to prevent exploitation.

References

http://www.securityfocus.com/bid/5432

vdb-entryx_refsource_BID

http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg0...

mailing-listx_refsource_BUGTRAQ

http://www.eudora.com/download/eudora/windows/5.2/RelNote...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002