Description
Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the attacker spoofs as a link, which causes the user to execute the form and access embedded attachments.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by http-equiv · textremotewindows
https://www.exploit-db.com/exploits/20888
References (2)
Core 2
Core References
Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/187128
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2796
Scores
EPSS
0.0375
EPSS Percentile
88.1%
Details
Status
published
Products (1)
qualcomm/eudora
5.1
Published
May 29, 2001
Tracked Since
Feb 18, 2026