Strix
26.1K

CVE-2002-2313

UnknownEPSS 0.83%

Last modified

CVE-2002-2313 is a vulnerability of currently unknown severity. Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer.. EPSS estimates a 0.83% chance of exploitation in the next 30 days.

Description

Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer.

Metrics

EPSS Probability
0.83%

52.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
QualcommEudora5.1.1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2002-2313?
Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer.
How severe is CVE-2002-2313?
Severity scoring for CVE-2002-2313 is pending analysis. The EPSS model estimates a 0.83% probability of exploitation in the next 30 days.
How do I fix CVE-2002-2313?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2002-2313?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST