https://www.exploit-db.com/exploits/20688
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200106-138

Eudora5.1之前版本存在漏洞。当’UseMicrosoftViewer’和’allowexecutablesinHTMLcontent’启动时，远程攻击者可以借助包含带有ActiveX控制和恶意IMG标签代码Java脚本的HTML邮件执行任意代码。

source: http://www.securityfocus.com/bid/2490/info

Eudora uses Internet Explorer to assist in the viewing of html messages if the 'Use Microsoft Viewer' option is enabled. Eudora also has a 'allow executables in HTML content' option, which the documentation recommends be disabled for securithy reasons. It is possible for an attacker to excecute arbitrary code on a remote system even if 'allow executables in HTML content' is disabled, if the 'Use Microsoft viewer' option is enabled. 

http://www.malware.com/you!DORA.txt

来源:XF
名称:eudora-html-execute-code(6262)
链接:http://xforce.iss.net/static/6262.php
来源:BID
名称:2490
链接:http://www.securityfocus.com/bid/2490
来源:BUGTRAQ
名称:20010318feeble.you!dora.exploit
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=98503741910995&w;=2