SMTP: Eudora Spoofed Attachment in HTML Message Body
This signature detects attempts to spoof an e-mail attachment. Eudora Windows 6.2.0.7 and earlier versions are vulnerable. Attackers can send a maliciously crafted e-mail with an illegal "Attachment Converted:" line in the message body to spoof attachments, which can enable remote code execution.
Extended Description
Execution of Trojan horse or other malicious executables, a denial of service to Eudora users, arbitrary code execution, and theft of sensitive files are possible impacts of these vulnerabilities.
Short Name
SMTP:EMAIL:EUDORA-SPOOF4
Severity
Minor
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
Attachment Body CVE-2003-0376 Eudora HTML Message Spoofed in
Release Date
11/17/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Occasionally
CVSS Score
5.0