CVE-2001-1326

Name of the Vulnerable Software and Affected Versions: Eudora version 5.1

Description: The issue allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled. This can be achieved via an HTML email with a form that is activated from an image that the attacker spoofs as a link, causing the user to execute the form and access embedded attachments.

Recommendations: For Eudora version 5.1, consider disabling the "Use Microsoft Viewer" option to prevent the execution of arbitrary code. Additionally, enable the "allow executables in HTML content" option with caution, as it may introduce other security risks. As a temporary workaround, avoid using HTML emails with forms that can be activated from images until a patch is available.