Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-2351

CWE-22Path Traversal5 documents4 sources
Severity
6.4MEDIUM
EPSS
3.3%
top 12.86%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Qualcomm Eudora
Timeline
PublishedDec 31
Latest updateApr 30

Description

Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

NVDqualcomm/eudora6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-hpg8-x8xf-fcp2: Eudora 52022-04-30
CVEList
CVE-2002-2351: Eudora 52007-10-29

💥Exploits & PoCs

2
Exploit-DB
Qualcomm Eudora 5/6 - File Attachment Spoofing (1)2002-08-08
Exploit-DB
Qualcomm Eudora 5/6 - File Attachment Spoofing (2)2002-08-08
CVE-2002-2351 (MEDIUM CVSS 6.4) | Eudora 5.1 allows remote attackers | cvebase.io