CVE-2002-1210

3 documents3 sources
Severity
5.0MEDIUM
EPSS
0.5%
top 34.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Qualcomm Eudora
Timeline
PublishedNov 29
Latest updateApr 30

Description

Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDqualcomm/eudora5.1.1, 5.2+1

Patches

Patch: www.idefense.comPatch: www.idefense.com

🔴Vulnerability Details

2
GHSA
GHSA-57m8-3xxg-m3v2: Qualcomm Eudora 52022-04-30
CVEList
CVE-2002-1210: Qualcomm Eudora 52002-11-21
CVE-2002-1210 (MEDIUM CVSS 5) | Qualcomm Eudora 5.1.1 | cvebase.io