[] NeoSense
E X P L O I T S
title author type platform port cve id

Qualcomm Eudora 4.2/4.3 - Warning Message Circumvention

Author: Bennett Haselton
type: dos
platform: windows
port: 
date_added: 2000-04-28 
date_updated: 2012-07-16 
verified: 1 
codes: CVE-2003-0336;OSVDB-1305;CVE-2000-0342 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/1157/info

A malicious email sender can circumvent warning messages that would normally display when a user attempts to view executable attachments in Eudora 4.2/4.3. Eudora does not prompt a user with the warning message if they are attempting to open a file that is neither .exe, .com, or .bat.

Inserting the tag
<a &nbsp;href="file:///c:/eudora/attach/file.lnk"\>http&nbsp;://www.example.com</&nbsp;a>
in an email message will display as:
http&nbsp;://www.example.com
in a Eudora email client.

Therefore, when a user clicks on this link, it will automatically open up the executable file without warning.
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.