Check Point Reference: | CPAI-2004-148 |
Date Published: | 20 Oct 2009 |
Severity: | High |
Last Updated: | Tuesday 20 October, 2009 |
Source: | |
Industry Reference: | CVE-2002-1770 |
Protection Provided by: |
Security Gateway |
Who is Vulnerable? | |
Vulnerability Description | There is a stack buffer overflow vulnerability within the Qualcomm Eudora, a popular e-mail client. It is possible for a remote attacker to craft an e-mail containing a specially crafted link that will cause Eudora to terminate, and possibly execute arbitrary code. There is a vulnerability within certain versions of Eudora, an e-mail client released by Qualcomm Corporation, that allows a remote attacker to cause Eudora to terminate upon clicking a malicious link within an e-mail sent by the attacker. It is possible for the remote attacker to execute arbitrary code on the victim's computer. When the victim clicks on a malicious reference within an e-mail sent from an attacker, arbitrary code execution is possible if the attacker has crafted the e-mail correctly. In the case where remote code execution fails, Eudora will terminate. The victim will need to re-open Eudora to regain access to their e-mail. |
This protection will detect and block attempts to exploit this vulnerability
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: NNTP Protection Violation.
Attack Information: Eudora URL handling buffer overflow