Stack overflow

2008-03-2519:44:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

0.91 High

EPSS

Percentile

98.9%

JSON

Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command.

CPENameOperatorVersion
surgemaileq3.6.0-f7
surgemaileq3.0.0-c2
surgemaileq2.2.0-a6
surgemaileq3.7.98
surgemaileq3.8.100
surgemaileq2.0.0-g2
surgemaileq3.8.98
surgemaileq3.7.0-b8
surgemaileq3.8.0-i3
surgemaileq2.0.101

Name	Operator	Version
surgemail	eq	3.6.0-f7
surgemail	eq	3.0.0-c2
surgemail	eq	2.2.0-a6
surgemail	eq	3.7.98
surgemail	eq	3.8.100
surgemail	eq	2.0.0-g2
surgemail	eq	3.8.98
surgemail	eq	3.7.0-b8
surgemail	eq	3.8.0-i3
surgemail	eq	2.0.101

Rows per page:

1-10 of 391

References

secunia.com/advisories/29105

securityreason.com/securityalert/3774

www.infigo.hr/en/in_focus/advisories/INFIGO-2008-03-07

www.netwinsite.com/surgemail/help/updates.htm

www.securityfocus.com/archive/1/489959/100/0/threaded

www.securityfocus.com/bid/28377

exchange.xforce.ibmcloud.com/vulnerabilities/41402