Lucene search
HistoryJun 21, 2005 - 4:00 a.m.
CVE-2002-1770
qualcomm
eudora
remote code execution
html email
cve-2002-1770
security vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7.5 High
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.9%
Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer.
Affected configurations
Node
qualcommeudoraMatch5.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| qualcomm:eudora | qualcomm eudora | eq | 5.1 |
Related
nvd
nvd
CVE-2002-1770
2002-12-31 05:00:00
checkpoint_advisories
checkpoint_advisories
Eudora URL Handling Buffer Overflow (CVE-2002-1770)
2009-10-20 00:00:00
cvelist
cvelist
CVE-2002-1770
2005-06-21 04:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7.5 High
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.9%
Related for CVE-2002-1770