Surgemail@3.8f3 Security Vulnerabilities and Issues — Surgemail@3.8f3 CVE List

Lucene search

NetwinSurgemail3.8f3

6 matches found

CVE•added 2008/03/25 7:44 p.m.•51 views

CVE-2008-1497

Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command.

9CVSS7.7AI score0.10686EPSS

CVE•added 2008/02/27 7:44 p.m.•43 views

CVE-2008-1054

Stack-based buffer overflow in the _lib_spawn_user_getpid function in (1) swatch.exe and (2) surgemail.exe in NetWin SurgeMail 38k4 and earlier, and beta 39a, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via an HTTP request with multiple lo...

6.4CVSS8.3AI score0.22459EPSS

CVE•added 2008/06/25 12:36 p.m.•43 views

CVE-2008-2859

Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors related to an "imap command."

5CVSS6.4AI score0.0442EPSS

CVE•added 2011/01/07 11:0 p.m.•39 views

CVE-2010-3201

Cross-site scripting (XSS) vulnerability in NetWin Surgemail before 4.3g allows remote attackers to inject arbitrary web script or HTML via the username_ex parameter to the surgeweb program.

4.3CVSS5.7AI score0.02062EPSS

CVE•added 2007/05/14 9:19 p.m.•33 views

CVE-2007-2655

Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution.

7.5CVSS7.5AI score0.02503EPSS

CVE•added 2008/02/27 7:44 p.m.•30 views

CVE-2008-1055

Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 and earlier and beta 39a, and WebMail 3.1s and earlier, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in the page parameter.

7.5CVSS7.8AI score0.21598EPSS