Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-1326

4 documents4 sources
Severity
7.5HIGH
EPSS
3.8%
top 11.97%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Qualcomm Eudora
Timeline
PublishedMay 29
Latest updateApr 30

Description

Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the attacker spoofs as a link, which causes the user to execute the form and access embedded attachments.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-m5c5-4448-qwxw: Eudora 52022-04-30
CVEList
CVE-2001-1326: Eudora 52002-05-03

💥Exploits & PoCs

1
Exploit-DB
Qualcomm Eudora 5.1 - Hidden Attachment Execution2001-05-29
CVE-2001-1326 (HIGH CVSS 7.5) | Eudora 5.1 allows remote attackers | cvebase.io