Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-2005

CWE-5927 documents7 sources
Severity
5.1MEDIUM
EPSS
20.8%
top 4.39%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Qualcomm Eudora
Timeline
PublishedMay 6
Latest updateApr 29

Description

Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages1 packages

NVDqualcomm/eudora5 versions+4

Patches

Patch: secunia.comPatch: www.securityfocus.comPatch: secunia.com

🔴Vulnerability Details

2
GHSA
GHSA-rhhf-gqg6-mv8h: Buffer overflow in Eudora for Windows 52022-04-29
CVEList
CVE-2004-2005: Buffer overflow in Eudora for Windows 52005-05-10

💥Exploits & PoCs

4
Exploit-DB
Randshop 1.1.1 - 'header.inc.php' Remote File Inclusion2006-07-01
Exploit-DB
Microsoft Excel 95/97/2000/2002/2003/2004 - Malformed Range Memory Corruption2005-12-08
Exploit-DB
CrystalFTP Pro 2.8 - Remote Buffer Overflow2005-04-24
Exploit-DB
Qualcomm Eudora 5.2.1/6.x - Embedded Hyperlink Buffer Overrun2004-05-07

📋Vendor Advisories

4
Red Hat
ncompress: insecure tmp file handling may lead to file overwrite2021-11-09
Red Hat
perl: File:: Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-12008-11-19
Red Hat
security flaw2004-12-15
Red Hat
security flaw2002-03-15

💬Community

3
Bugzilla
CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-12008-11-28
Bugzilla
CVE-2006-0052 Mailman DoS, CVE-2006-1712 Mailman cross site scripting bug and CVE-2005-3573 Mailman Denial of Service (CVE-2005-4153); also CAN-2004-1177 Cross-site scripting (XSS) vulnerability2006-06-02
Bugzilla
CAN-2004-1304, File ELF Header Unspecified Buffer Overflow2004-12-07
CVE-2004-2005 (MEDIUM CVSS 5.1) | Buffer overflow in Eudora for Windo | cvebase.io