Re: [FWD] MSIE vulnerability exploitable with Eudora (and IncrediMail)

[Magnus Bodin <magnus () bodin org>]

On Sat, Mar 16, 2002 at 05:38:57PM +0100, Magnus Bodin wrote:
> FYI. Eudora (and Incredimail) could be used as trojan injectors as they
> automatically decode and stores attachment in a commonly known directory.

And since the W32/Gibe-worm has been out lately and due to the fact that
Eudora does NOT remove attachments that you don't open, then it would be a
fair guess that a lot of Eudora users now have 

C:\Program Files\Qualcomm\Eudora\attach\Q216309.exe

on their harddisk, meaning that MSIE could help spreading the Gibe-worm as
well if somebody uses the MSIE-exploit for That.

(*shrug*)

/magnus

-- 
Word of the week: shou tào (mittens) 
   <http://x42.com/i/cn/pct/shou_tao.jpg>