CVE-2004-2005

Qualcomm Eudora 5.2.1, 6.0.3, 6.1 - Buffer Overflow via Long URL or Attachment Name

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2005. PoCs published by Paul Szabo.

AI-analyzed exploit summary This Perl script generates a malicious HTML email exploiting a buffer overflow in Qualcomm Eudora via an excessively long file URL. The PoC demonstrates the vulnerability by crafting an email that crashes Eudora when the link is clicked.

Description

Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Paul Szabo · perldoslinux

https://www.exploit-db.com/exploits/24096

View Code ZIP pw:eip

This Perl script generates a malicious HTML email exploiting a buffer overflow in Qualcomm Eudora via an excessively long file URL. The PoC demonstrates the vulnerability by crafting an email that crashes Eudora when the link is clicked.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Qualcomm Eudora (Windows, possibly Mac)

No auth needed

Prerequisites: Victim uses vulnerable Eudora client · Attacker can send email to victim

MITRE ATT&CK