Lucene search

[email protected]CVE-2001-0677

HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0677

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0677

eudora

email attachment

mime header

remote attack

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.2%

JSON

Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the “Attachment Converted” MIME header, which sends the file when the email is forwarded to the attacker by the user.

Affected configurations

NVD

Node

qualcommeudoraMatch5.0.2

CPENameOperatorVersion
qualcomm:eudoraqualcomm eudoraeq5.0.2

CPE	Name	Operator	Version
qualcomm:eudora	qualcomm eudora	eq	5.0.2

References

www.osvdb.org/3085

www.securityfocus.com/archive/1/177369

www.securityfocus.com/bid/2616

exchange.xforce.ibmcloud.com/vulnerabilities/6431

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.2%

JSON

Related for CVE-2001-0677

nvd1 cvelist1