CVE-2001-0365
First published: Wed Jun 27 2001(Updated: )
Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Eudora | <=5.1 | |
| Eudora | =5.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0365?
CVE-2001-0365 is considered a critical vulnerability due to its potential for remote code execution.
How do I fix CVE-2001-0365?
To fix CVE-2001-0365, upgrade Eudora to version 5.1 or later and disable the 'Use Microsoft Viewer' and 'allow executables in HTML content' options.
What software versions are affected by CVE-2001-0365?
CVE-2001-0365 affects Qualcomm Eudora versions prior to 5.1, including version 5.0.2.
What type of attack does CVE-2001-0365 enable?
CVE-2001-0365 enables remote attackers to execute arbitrary code through specially crafted HTML email messages.
What are the required settings for CVE-2001-0365 to be exploited?
CVE-2001-0365 can be exploited if 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled in Eudora.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/qualcomm
- canonical/eudora
- version/eudora/5.1
- version/eudora/5.0.2