Vulnerability Development mailing list archives
Re: [FWD] MSIE vulnerability exploitable with Eudora (and IncrediMail)
From: Magnus Bodin <magnus () bodin org>
Date: Sat, 16 Mar 2002 18:38:40 +0100
On Sat, Mar 16, 2002 at 05:38:57PM +0100, Magnus Bodin wrote:
FYI. Eudora (and Incredimail) could be used as trojan injectors as they automatically decode and stores attachment in a commonly known directory.
And since the W32/Gibe-worm has been out lately and due to the fact that Eudora does NOT remove attachments that you don't open, then it would be a fair guess that a lot of Eudora users now have C:\Program Files\Qualcomm\Eudora\attach\Q216309.exe on their harddisk, meaning that MSIE could help spreading the Gibe-worm as well if somebody uses the MSIE-exploit for That. (*shrug*) /magnus -- Word of the week: shou tào (mittens) <http://x42.com/i/cn/pct/shou_tao.jpg>
Current thread:
- [FWD] MSIE vulnerability exploitable with Eudora (and IncrediMail) Magnus Bodin (Mar 16)
- Re: [FWD] MSIE vulnerability exploitable with Eudora (and IncrediMail) Magnus Bodin (Mar 16)