Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2313

Overview

Vulnerability Score 8.8 8.8
CVE Id CVE-2002-2313
Last Modified 05 Sep 2008 04:32:53
Published 31 Dec 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2002-2313

Summary

Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer.

Vulnerable Systems

Application

  • Qualcomm Eudora 5.1.1


References

XF - eudora-mhtml-execute-files(9654)

FULLDISC - 20020724 REFRESH: EUDORA MAIL 5.1.1


Last Updated: 27 May 2016 10:37:42