Lucene search

[email protected]CVE-2002-0456

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0456

2002-08-1204:00:00

[email protected]

web.nvd.nist.gov

information security

software vulnerability

eudora

nvd

exploits

cve-2002-0456

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.2%

JSON

Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames.

Affected configurations

NVD

Node

qualcommeudoraMatch5.1

CPENameOperatorVersion
qualcomm:eudoraqualcomm eudoraeq5.1

CPE	Name	Operator	Version
qualcomm:eudora	qualcomm eudora	eq	5.1

References

marc.info/?l=bugtraq&m=101622857703677&w=2

www.iss.net/security_center/static/8487.php

www.securityfocus.com/archive/1/262704

www.securityfocus.com/bid/4306

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.2%

JSON

Related for CVE-2002-0456

cvelist1 nvd1