- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19885
- Проверка EDB
-
- Пройдено
- Автор
- BENNETT HASELTON
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2003-0336 cve-2000-0342
- Дата публикации
- 2000-04-28
Qualcomm Eudora 4.2/4.3 - Warning Message Circumvention
Код:
source: https://www.securityfocus.com/bid/1157/info
A malicious email sender can circumvent warning messages that would normally display when a user attempts to view executable attachments in Eudora 4.2/4.3. Eudora does not prompt a user with the warning message if they are attempting to open a file that is neither .exe, .com, or .bat.
Inserting the tag
<a href="file:///c:/eudora/attach/file.lnk"\>http ://www.example.com</ a>
in an email message will display as:
http ://www.example.com
in a Eudora email client.
Therefore, when a user clicks on this link, it will automatically open up the executable file without warning.- Источник
- www.exploit-db.com
