CVE-2003-0376

Eudora 5.2.1 - Buffer Overflow via Attachment Converted Argument

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0376. PoCs published by Paul Szabo.

AI-analyzed exploit summary This Perl script generates a malicious email that exploits a vulnerability in Eudora 6.0.3 by spoofing attachment lines, potentially tricking users into executing arbitrary files or scripts when the email is viewed.

Description

Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Paul Szabo · perldoswindows

https://www.exploit-db.com/exploits/23374

View Code ZIP pw:eip

This Perl script generates a malicious email that exploits a vulnerability in Eudora 6.0.3 by spoofing attachment lines, potentially tricking users into executing arbitrary files or scripts when the email is viewed.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Eudora 6.0.3 on Windows

No auth needed

Prerequisites: Victim must use Eudora 6.0.3 on Windows · Victim must view the malicious email

MITRE ATT&CK

T1566.001 - Spearphishing Attachment

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=105370625529452&w=2

Scores

EPSS 0.0237

EPSS Percentile 81.7%

Details

Status published

Products (1)

qualcomm/eudora 5.2.1

Published Jun 16, 2003

Tracked Since Feb 18, 2026