Signature Detail

Short Name	SMTP:EMAIL:EUDORA-SPOOF4
Severity	Medium
Recommended	No
Category	SMTP
Keywords	Eudora Spoofed Attachment in HTML Message Body
Release Date	2004/11/17
Update Number	1213
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: Eudora Spoofed Attachment in HTML Message Body

This signature detects attempts to spoof an e-mail attachment. Eudora Windows 6.2.0.7 and earlier versions are vulnerable. Attackers can send a maliciously crafted e-mail with an illegal "Attachment Converted:" line in the message body to spoof attachments, which can enable remote code execution.

Extended Description

Execution of Trojan horse or other malicious executables, a denial of service to Eudora users, arbitrary code execution, and theft of sensitive files are possible impacts of these vulnerabilities.

References

CVE: CVE-2003-0376
URL: http://www.securityfocus.com/archive/1/322286
URL: http://www.eudora.com/security.html

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

SMTP: Eudora Spoofed Attachment in HTML Message Body

Extended Description

References