Eudora Email Client Vulnerability Exposing User Data
CVE-2004-1521

Currently unrated

Key Information:

Vendor: Qualcomm
Status: Eudora
Vendor: CVE Published:; 31 December 2004

Summary

The Eudora email client (version 6.2.0.14) contains a vulnerability that fails to alert users when they forward emails with base64 or quoted-printable encoded attachments. This oversight can permit attackers to exploit spoofed 'Converted' headers, potentially allowing unauthorized access to arbitrary files on the user's system. Users of this version are advised to exercise caution when handling forwarded emails containing encoded attachments to mitigate the risk of data leakage.

References

http://marc.info/?l=ntbugtraq&m=110053102601655&w=2

mailing-listx_refsource_NTBUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/18064

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=110037078519691&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Feb 18, 2005
Vulnerability published
Dec 31, 2004