Buffer Overflow in NetWin Surgemail IMAP Service
CVE-2008-7182

Currently unrated

Key Information:

Vendor: Netwin
Status: Surgemail
Vendor: CVE Published:; 8 September 2009

What is CVE-2008-7182?

The IMAP service in NetWin Surgemail 3.9e and earlier versions prior to 3.9g2 is prone to a buffer overflow. This vulnerability allows remote authenticated users to exploit the service by sending a long first argument to the APPEND command, potentially resulting in a denial of service by crashing the server and, in certain scenarios, may allow execution of arbitrary code. It is important to note that due to insufficient details, the uniqueness of this vulnerability in relation to other known issues is uncertain.

References

https://www.exploit-db.com/exploits/5968

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/30000

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/496482

mailing-listx_refsource_BUGTRAQ

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 8, 2009
Vulnerability Reserved
Sep 7, 2009

Netwin

What is CVE-2008-7182?

References

EPSS Score

Timeline