
iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability

by Nikola Strahija on November 24th, 2002

Qualcomm Inc.'s Eudora is a graphical e-mail client for Windows and Macintosh. More information about it is available at .


Remote exploitation of a weakness in Eudora could allow an attacker to
retrieve sensitive information from a targeted Eudora user's computer.

Eudora saves e-mail attachments in a predictable location. Exploitation
works as follows: an attacker sends a Eudora user an e-mail that directs
the user to a specific URL; the same e-mail carries an HTML attachment
containing script code, which Eudora writes to its known attachment
directory. If the user is socially engineered into following the link,
the attacker's page can load the saved attachment in one of its frames.
Because the attachment is then loaded from the local file system, its
script runs within the security settings of the local zone, where it can
read the contents of any local file and transmit them back to the
attacker. Since the issue is simple to exploit and has still not been
addressed, a sample attack script is not included in this advisory.


Exploitation could lead to further compromise if the attacker is able
to retrieve sensitive files such as the Windows SAM file; other
confidential information can be obtained the same way. A secure
implementation would store attachments under a directory whose path
includes a random string, so that an attacker cannot predict where an
attachment will land and therefore cannot reference it from a web page
(the Mozilla e-mail client does this, for example).
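The randomized-directory mitigation described above, as an added illustration in Python (this is not Eudora's or Mozilla's code). It saves the same constructed attachment two ways: into a fixed "attach" directory, which an attacker who knows only the base path and the file name can guess, and into a fresh per-message directory whose name is drawn from a cryptographic random source, which the attacker cannot guess. The base directory, the "attach" subdirectory name, and the function names are assumptions for the example; the attachment filename is also reduced to a safe basename so a hostile MIME name cannot steer the file elsewhere.

```python
import os
import secrets
import tempfile
from pathlib import Path

# Characters permitted in a stored attachment name (assumption for the example).
SAFE_CHARS = set("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._-")


def sanitize_filename(mime_name: str) -> str:
    """Reduce an attacker-supplied MIME filename to a plain basename.

    Both slash styles are treated as separators so "..\\..\\boot.ini" cannot
    escape the target directory; anything left that is not in SAFE_CHARS is
    replaced, and a name that collapses to nothing gets a fixed fallback.
    """
    base = os.path.basename(mime_name.replace("\\", "/"))
    cleaned = "".join(c if c in SAFE_CHARS else "_" for c in base).strip(".")
    return cleaned or "attachment"


def save_predictable(base: Path, mime_name: str, data: bytes) -> Path:
    """The weak scheme: every attachment lands in one well-known directory."""
    attach_dir = base / "attach"
    attach_dir.mkdir(parents=True, exist_ok=True)
    path = attach_dir / sanitize_filename(mime_name)
    path.write_bytes(data)
    return path


def save_randomized(base: Path, mime_name: str, data: bytes) -> Path:
    """The hardened scheme: a fresh directory with an unguessable name.

    secrets.token_urlsafe(24) gives 192 bits of entropy, and exist_ok=False
    makes a (vanishingly unlikely) collision an error rather than a reuse.
    The file keeps its sanitized name, so the user still sees "invoice.html".
    """
    message_dir = base / secrets.token_urlsafe(24)
    message_dir.mkdir(mode=0o700, exist_ok=False)
    path = message_dir / sanitize_filename(mime_name)
    path.write_bytes(data)
    return path


def demo() -> dict:
    """Constructed scenario: does an attacker who knows the base directory and
    the attachment name end up with the right path under each scheme?"""
    base = Path(tempfile.mkdtemp(prefix="eudora-demo-"))
    name = "invoice.html"
    payload = b"<html><script>/* constructed sample, does nothing */</script></html>"

    guess = base / "attach" / name  # what an attacker would put in a frame src
    predictable = save_predictable(base, name, payload)
    randomized = save_randomized(base, name, payload)

    return {
        "predictable_guess_hits": guess == predictable and predictable.exists(),
        "randomized_guess_hits": guess == randomized or guess.samefile(randomized)
        if guess.exists() else guess == randomized,
        "randomized_name_kept": randomized.name == name,
        "randomized_dir_entropy_bits": 8 * 24,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The per-message directory is what defeats the attack: the attacker's frame must name the file by path, and a 192-bit random path component cannot be enumerated or guessed. Restricting the directory to the owning user (mode 0o700, honoured on POSIX systems) is an extra layer and does not replace the randomization.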


Eudora 5.1.1 and 5.2 are confirmed to be vulnerable; other versions
may be affected as well.

To determine susceptibility, send an e-mail with an attachment to a
test Eudora user and check whether Eudora stores it in the C:\Program
Files\Qualcomm\Eudora\attach directory (assuming a default


Change the default location where Eudora stores e-mail attachments.


A Eudora Tech Support Specialist provided the following response
(from head Eudora developer):

"In rare circumstances, certain ill-formatted MIME boundaries can
cause Eudora to crash. It is exceedingly unlikely that this problem
could be exploited to undermine security. The problem will be fixed
in the next release of Eudora."

[iDEFENSE note: The response does not address the security
implications of this advisory. Two attempts were made to change or
clarify Qualcomm's response; all to no avail.]


The Mitre Corp.'s Common Vulnerabilities and Exposures (CVE) Project
assigned the identification number CAN-2002-1210 to this issue.


09/12/2002 Issue disclosed to iDEFENSE
10/14/2002 Qualcomm notified ([email protected])
10/14/2002 iDEFENSE clients notified
10/15/2002 Autoresponse received
10/31/2002 Second attempt at contact
11/07/2002 Third attempt at contact
11/08/2002 Vendor response from J. Michael L. ([email protected])
11/10/2002 Clarification request of Vendor Response from iDEFENSE
11/11/2002 Same response from J. Michael L. ([email protected])
11/12/2002 Second clarification request of Vendor Response from iDEFENSE
11/19/2002 Still no reply to the request for clarification of the vendor response
11/19/2002 Public disclosure


Bennett Haselton ([email protected]) discovered this vulnerability.

Get paid for security research

Subscribe to iDEFENSE Advisories:
send email to [email protected], subject line: "subscribe"


iDEFENSE is a global security intelligence company that proactively
monitors sources throughout the world — from technical
vulnerabilities and hacker profiling to the global spread of viruses
and other malicious code. Our security intelligence services provide
decision-makers, frontline security professionals and network
administrators with timely access to actionable intelligence
and decision support on cyber-related threats. For more information,

-dave

David Endler, CISSP
Director, Technical Intelligence
14151 Newbrook Drive
Suite 100
Chantilly, VA 20151
voice: 703-344-2632
fax: 703-961-1071

[email protected]
