CVE-2004-2649
Eudora 6.1.0.6 - URL Obfuscation via Status Bar Character Injection
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-2649. PoCs published by Brett Glass.
AI-analyzed exploit summary This exploit demonstrates a URI obfuscation vulnerability in Qualcomm Eudora MTA, where a control character (^A) and excessive spaces are used to hide the true destination of a hyperlink. The PoC shows how the status bar displays only a portion of the URI, potentially misleading users.
Description
Eudora 6.1.0.6 allows remote attackers to obfuscate URLs displayed in the status bar by inserting a large number of characters (e.g. spaces coded as " ") in the middle of the URL.
Exploits (1)
This exploit demonstrates a URI obfuscation vulnerability in Qualcomm Eudora MTA, where a control character (^A) and excessive spaces are used to hide the true destination of a hyperlink. The PoC shows how the status bar displays only a portion of the URI, potentially misleading users.