CVE-2002-1770

3 documents3 sources
Severity
5.0MEDIUM
EPSS
1.2%
top 21.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Qualcomm Eudora
Timeline
PublishedDec 31
Latest updateApr 30

Description

Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-pm95-w2mv-c3q3: Qualcomm Eudora 52022-04-30
CVEList
CVE-2002-1770: Qualcomm Eudora 52005-06-21
CVE-2002-1770 (MEDIUM CVSS 5) | Qualcomm Eudora 5.1 allows remote a | cvebase.io