Remote File Reading Vulnerability in Qualcomm Eudora Email Client
CVE-2003-0336

Currently unrated

Key Information:

Vendor: Qualcomm
Status: Eudora
Vendor: CVE Published:; 22 May 2003

Summary

Qualcomm Eudora 5.2.1 is vulnerable to an exploitation method that enables remote attackers to read arbitrary files. This is achieved by sending an email that contains a specific carriage return (CR) character in the manipulated 'Attachment Converted:' string. The software does not handle this input properly, creating a pathway for unauthorized access to sensitive files through the email client.

References

http://marc.info/?l=bugtraq&m=105362278914731&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
May 22, 2003
Vulnerability Reserved
May 22, 2003