Lucene search

[email protected]CVE-2007-2655

HistoryMay 14, 2007 - 9:19 p.m.

CVE-2007-2655

2007-05-1421:19:00

CWE-134

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2007-2655

netwin webmail

surgemail

vulnerability

remote attack vectors

format string vulnerability

code execution

nvd

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.104 Low

EPSS

Percentile

95.0%

JSON

Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution.

CPENameOperatorVersion
netwin:webmailnetwin webmaileq3.1s1
netwin:webmailnetwin webmaileq3.1s13
netwin:surgemailnetwin surgemaileq3.8i2
netwin:surgemailnetwin surgemaileq3.8i
netwin:surgemailnetwin surgemaileq3.8f3

CPE	Name	Operator	Version
netwin:webmail	netwin webmail	eq	3.1s1
netwin:webmail	netwin webmail	eq	3.1s13
netwin:surgemail	netwin surgemail	eq	3.8i2
netwin:surgemail	netwin surgemail	eq	3.8i
netwin:surgemail	netwin surgemail	eq	3.8f3

References

osvdb.org/35891

secunia.com/advisories/25207

www.netwinsite.com/surgemail/help/updates.htm

www.securityfocus.com/bid/23908

www.vupen.com/english/advisories/2007/1755

exchange.xforce.ibmcloud.com/vulnerabilities/34217

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.104 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2007-2655

prion1 cvelist1