Remote Code Execution in Eudora via HTML Email with ActiveX Controls and Malicious IMG Tags

Remote Code Execution in Eudora via HTML Email with ActiveX Controls and Malicious IMG Tags

CVE-2001-0365 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags.

Learn more about our Web Application Penetration Testing UK.