ID |
CVE-2001-0677
|
Summary |
Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 5.0 (as of 10-10-2017 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
NONE |
NONE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
refmap
via4
|
bid | 2616 | bugtraq | 20010418 Eudora file leakage problem (still) | osvdb | 3085 | xf | eudora-plain-text-attachment(6431) |
|
Last major update |
10-10-2017 - 01:29 |
Published |
20-09-2001 - 04:00 |
Last modified |
10-10-2017 - 01:29 |