CVE-2000-0342

HIGH

Qualcomm Eudora 4.x - Improper Link Resolution Before File Access

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2000-0342. PoCs published by Paul Szabo.

AI-analyzed exploit summary This exploit leverages a vulnerability in Eudora's LaunchProtect feature to spoof attachments and trick users into executing arbitrary files. It demonstrates how malicious attachments can be disguised using MIME encoding and HTML constructs to bypass warnings.

Description

Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."

Exploits (4)

exploitdb WORKING POC VERIFIED
by Paul Szabo · perlremotewindows
https://www.exploit-db.com/exploits/23399

This exploit leverages a vulnerability in Eudora's LaunchProtect feature to spoof attachments and trick users into executing arbitrary files. It demonstrates how malicious attachments can be disguised using MIME encoding and HTML constructs to bypass warnings.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target: Eudora 6.1.1 and earlier
No auth needed
Prerequisites: Victim uses Eudora email client · Attacker can send email to victim
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Paul Szabo · perlremotewindows
https://www.exploit-db.com/exploits/23398

This exploit leverages a flaw in Eudora's LaunchProtect mechanism to bypass warnings for executable attachments. It crafts a malicious email with spoofed attachments pointing to system executables (e.g., calc.exe) or batch files, tricking users into executing them without proper warnings.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Eudora 6.0.1 and 6.1.1 on Windows
No auth needed
Prerequisites: Victim uses Eudora 6.0.1 or 6.1.1 on Windows · Attacker must send a crafted email to the victim
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Paul Szabo · perlremotewindows
https://www.exploit-db.com/exploits/22627

This Perl script demonstrates a spoofing vulnerability in Eudora 6.0 on Windows, allowing attackers to manipulate file extensions and execute arbitrary code via crafted MIME messages with embedded carriage return characters.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Eudora 6.0 on Windows
No auth needed
Prerequisites: Access to send email to a victim using Eudora 6.0 · Knowledge of victim's system paths
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP
doswindows
https://www.exploit-db.com/exploits/19885

The exploit describes a technique to bypass Eudora's executable attachment warning by using a crafted HTML link in an email, tricking users into executing arbitrary files without prompts. It leverages the lack of warning for non-standard executable extensions.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Eudora 4.2/4.3
No auth needed
Prerequisites: User interaction (clicking the link) · Malicious file placed in a predictable location
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1157

Scores

CVSS v3 7.5
EPSS 0.0345
EPSS Percentile 87.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-59
Status published
Products (1)
qualcomm/eudora 4.0
Published Apr 28, 2000
Tracked Since Feb 18, 2026