Eudora 7

From Free Knowledge Base- The DUCK Project: information for everyone
Revision as of 10:03, 11 December 2009 by Admin (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Security Advisory GM#002-IE

Any application that hosts the WebBrowser control is affected since this exploit does not require Active Scripting or ActiveX. Some of these applications are:

  • Qualcomm Eudora
  • Microsoft Outlook
  • Microsoft Outlook Express

An example is when an attacker knows the path to attached files.

Eudora is a popular email client; by default it uses the WebBrowser control for viewing email messages. However, it attempts to secure itself by filtering out elements such as <iframe>, <object>, <embed>, etc.

Eudora stores its attachments (by default) in "C:/Program Files/Qualcomm/Eudora/Attach", an attacker is likely to guess other paths to Eudora, such as different drive letters or similar minor changes.

To protect yourself:

Go to Tools -> Options -> Viewing Mail, uncheck "Use Microsoft's viewer"

 

 

Retrieved from "http://wiki.robotz.com/index.php?title=Eudora_7&oldid=4231"