CVE-2000-0342

moderate-risk
Published 2000-04-28

Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."

Do I need to act?

~
2.5% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
4 public exploits available
19885, 22627, 23398 and 1 more
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Qualcomm

References (6)

Not Applicable http://news.cnet.com/news/0-1005-200-1773077.html?tag=st.ne.fd.lthd.1005-200-177...
Exploit http://www.peacefire.org/security/stealthattach/explanation.html
Broken Link http://www.securityfocus.com/bid/1157
Not Applicable http://news.cnet.com/news/0-1005-200-1773077.html?tag=st.ne.fd.lthd.1005-200-177...
Exploit http://www.peacefire.org/security/stealthattach/explanation.html
Broken Link http://www.securityfocus.com/bid/1157
44
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 13/34 · Low
Exposure 5/34 · Minimal