Paul Szabo

16 exploits Active since Apr 2000
CVE-2000-0342 EXPLOITDB HIGH perl WORKING POC
Qualcomm Eudora 4.x - Improper Link Resolution Before File Access
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
CVSS 7.5
CVE-2000-0342 EXPLOITDB HIGH perl WORKING POC
Qualcomm Eudora 4.x - Improper Link Resolution Before File Access
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
CVSS 7.5
CVE-2002-2351 EXPLOITDB perl WORKING POC
Qualcomm Eudora 5.1 - Path Traversal via Trailing Dot in Attachment Name
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
CVE-2002-2351 EXPLOITDB perl WORKING POC
Qualcomm Eudora 5.1 - Path Traversal via Trailing Dot in Attachment Name
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
CVE-2000-0342 EXPLOITDB HIGH perl WORKING POC
Qualcomm Eudora 4.x - Improper Link Resolution Before File Access
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
CVSS 7.5
EIP-2026-118522 EXPLOITDB perl WORKING POC
Eudora 6.2.0.7 - Attachment Spoofer
CVE-2003-0376 EXPLOITDB perl WORKING POC
Eudora 5.2.1 - Buffer Overflow via Attachment Converted Argument
Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters.
EIP-2026-116128 EXPLOITDB perl WORKING POC
Qualcomm Eudora 5.0/5.1/6.0 - Long Attachment Filename Denial of Service (1)
EIP-2026-116129 EXPLOITDB perl WORKING POC
Qualcomm Eudora 5.0/5.1/6.0 - Long Attachment Filename Denial of Service (2)
CVE-2004-1944 EXPLOITDB perl WORKING POC
Qualcomm Eudora 6.0.3-6.1 - Denial of Service via Deeply Nested Multipart MIME Message
Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message.
CVE-2006-7236 EXPLOITDB text WORKING POC
xterm - Remote Code Execution via Escape Sequences
The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences.
CVE-2005-0023 EXPLOITDB c WORKING POC
GNOME libzvt2/libvte4 - Info Disclosure
gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed.
EIP-2026-102814 EXPLOITDB text WORKING POC
Debian XTERM - 'DECRQSS/comments' Code Execution
CVE-2003-0508 EXPLOITDB perl WORKING POC
Adobe Acrobat Reader < 5.0.7 - Remote Code Execution via Long Mailto Link
Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link.
CVE-2008-5394 EXPLOITDB bash WORKING POC
Debian GNU/Linux - Local Privilege Escalation
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.
CVE-2004-2005 EXPLOITDB perl WORKING POC
Qualcomm Eudora 5.2.1, 6.0.3, 6.1 - Buffer Overflow via Long URL or Attachment Name
Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name.