'Critical' Buffer Overflow Found in Eudora

May 7, 2004

Ryan Naraine

Paul Szabo, a computer systems officer at the University of Sydney, reported the flaws in versions 6.1, 6.0.3 and 5.2.1 of Eudora and warned that Windows users were at risk of complete system takeover.

According to Szabo's advisory, the vulnerability is due to a boundary error within the URL-handling functionality. A malicious hacker could exploit the hole with an e-mail containing a specially crafted link.

"Attachments may be spoofed, even in the latest 6.1 version. Be careful about forwarding messages with attachments, as sensitive/private documents may be sent silently. Be careful about clicking on attachments," said Szabo, who publishes the Secure Your PC Web site.

See the complete story on


0 Comments (click to add your comment)
Comment and Contribute

Your comment has been submitted and is pending approval.



 (click to add your comment)

Comment and Contribute

Your name/nickname

Your email


(Maximum characters: 1200). You have characters left.