PT-2002-1507 · Qualcomm · Eudora

Published

2002-06-11

Updated

2016-10-18

CVE-2002-0456

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Eudora versions 5.1 and earlier

Description The issue concerns how Eudora stores attachments in a directory with a fixed name. This could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames.

Recommendations For versions 5.1 and earlier, consider changing the directory where attachments are stored to a location with a less predictable pathname to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0456

Affected Products

Eudora

PT-2002-1507 · Qualcomm · Eudora

CVE-2002-0456

Related Identifiers

Affected Products

References · 5