Format String Vulnerability in NetWin SurgeMail WebMail Component
CVE-2008-1055

Currently unrated

Key Information:

Vendor

Netwin

Status
Surgemail
Webmail
Vendor
CVE Published:
27 February 2008

What is CVE-2008-1055?

A format string vulnerability exists in the webmail.exe component of NetWin SurgeMail, impacting versions 38k4 and earlier, as well as beta version 39a, and WebMail version 3.1s and earlier. This flaw allows remote attackers to exploit format string specifiers in the page parameter, potentially leading to a denial of service through daemon crashes. In some cases, this vulnerability could also enable attackers to execute arbitrary code, thereby compromising the confidentiality and integrity of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityreason.com/securityalert/3705
third-party-advisoryx_refsource_SREASON
http://aluigi.altervista.org/adv/surgemailz-adv.txt
x_refsource_MISC
http://secunia.com/advisories/29137
third-party-advisoryx_refsource_SECUNIA

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.