Surgemail@2.0c Security Vulnerabilities and Issues — Surgemail@2.0c CVE List

Lucene search

NetwinSurgemail2.0c

5 matches found

CVE•added 2008/03/25 7:44 p.m.•51 views

CVE-2008-1497

Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command.

9CVSS7.7AI score0.10686EPSS

CVE•added 2008/02/27 7:44 p.m.•43 views

CVE-2008-1054

Stack-based buffer overflow in the _lib_spawn_user_getpid function in (1) swatch.exe and (2) surgemail.exe in NetWin SurgeMail 38k4 and earlier, and beta 39a, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via an HTTP request with multiple lo...

6.4CVSS8.3AI score0.22459EPSS

CVE•added 2005/10/25 4:0 a.m.•39 views

CVE-2004-2537

Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug."

10CVSS7AI score0.00475EPSS

CVE•added 2011/01/07 11:0 p.m.•39 views

CVE-2010-3201

Cross-site scripting (XSS) vulnerability in NetWin Surgemail before 4.3g allows remote attackers to inject arbitrary web script or HTML via the username_ex parameter to the surgeweb program.

4.3CVSS5.7AI score0.02062EPSS

CVE•added 2008/02/27 7:44 p.m.•30 views

CVE-2008-1055

Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 and earlier and beta 39a, and WebMail 3.1s and earlier, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in the page parameter.

7.5CVSS7.8AI score0.21598EPSS