Vulnerabilities > Netwin > Surgemail > High

DATE CVE VULNERABILITY TITLE RISK
2008-02-27 CVE-2008-1055 USE of Externally-Controlled Format String vulnerability in Netwin Surgemail and Webmail
Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 and earlier and beta 39a, and WebMail 3.1s and earlier, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in the page parameter.
network
low complexity
netwin CWE-134
7.5
2007-05-14 CVE-2007-2655 USE of Externally-Controlled Format String vulnerability in Netwin Surgemail and Webmail
Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution.
network
low complexity
netwin CWE-134
7.5