← back
CVE-2008-7182

CVE-2008-7182

EPSS 24.3%
Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 and CVE-2008-1498. NOTE: due to lack of details, it is not certain whether this is the same issue as CVE-2008-2859.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/5968unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/5968http://www.netwinsite.com/surgemail/help/updates.htmhttp://www.securityfocus.com/archive/1/496482http://www.securityfocus.com/bid/30000