Vulnerabilities > Netwin > Webmail > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-27 | CVE-2008-1055 | USE of Externally-Controlled Format String vulnerability in Netwin Surgemail and Webmail Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 and earlier and beta 39a, and WebMail 3.1s and earlier, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in the page parameter. | 7.5 |
| 2007-05-14 | CVE-2007-2655 | USE of Externally-Controlled Format String vulnerability in Netwin Surgemail and Webmail Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution. | 7.5 |