Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : The New Qualcomm - a S&P500 company -- Ignore unavailable to you. Want to Upgrade?

To: Kent Rattey who wrote (10284)	5/17/2000 2:04:00 PM
From: Kent Rattey	Respond to of 13582

Qualcomm developing Eudora email bug patch By Paul Festa Staff Writer, CNET News.com May 17, 2000, 9:15 a.m. PT Qualcomm said it was at work fixing a security flaw in its Eudora Pro email application that could expose computers to attack. Current versions of Eudora are vulnerable to buffer overflow attacks, Qualcomm said. Called the most common security vulnerability of the past 10 years, a buffer overflow bug can provide an entry point for malicious code sent over a computer network. In a buffer overflow, an application's entry field--an address bar, for instance--has the capacity for a certain number of characters. If the software is improperly coded, strings that exceed the limit will crash the application, often sending the excess code into memory where it can be executed upon restarting the computer. Qualcomm downplayed the importance of the current buffer overflow problem in Eudora. "An exploit would be very, very hard for someone to successfully implement," a Qualcomm representative said. "You'd almost have to have the (Eudora) source code. But that doesn't mean it shouldn't be fixed, and it will be." Qualcomm will patch the hole in its next minor point release of Eudora Pro, Version 4.3.2, due in a matter of days. That release will also squash a bug reported last month that involves warnings that should accompany email attachments.