Description
Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command.
References (7)
Core 7
Core References
Exploit third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3774
Exploit x_refsource_misc
http://www.infigo.hr/en/in_focus/advisories/INFIGO-2008-03-07
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29105
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/489959/100/0/threaded
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28377
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41402
Vendor Advisory x_refsource_misc
http://www.netwinsite.com/surgemail/help/updates.htm
Scores
EPSS
0.0630
EPSS Percentile
92.8%
Details
CWE
CWE-119
Status
published
Products (39)
netwin/surgemail
1.8g3
netwin/surgemail
1.9b2
netwin/surgemail
2.0a2
netwin/surgemail
2.0c
netwin/surgemail
2.0e
netwin/surgemail
2.0g2
netwin/surgemail
2.1c7
netwin/surgemail
2.2a6
netwin/surgemail
2.2c10
netwin/surgemail
2.2g2
... and 29 more
Published
Mar 25, 2008
Tracked Since
Feb 18, 2026