CVE-2008-1497

{"id": "CVE-2008-1497", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-03-25T19:44:00.000", "references": [{"url": "http://secunia.com/advisories/29105", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/3774", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2008-03-07", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.netwinsite.com/surgemail/help/updates.htm", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/489959/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/28377", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41402", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en Pila en el servicio IMAP de NetWin SurgeMail 38k4-4 y versiones anteriores, permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n mediante argumentos largos del comando LSUB."}], "lastModified": "2018-10-11T20:35:12.553", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netwin:surgemail:1.8g3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96563C20-642A-47EA-8A4B-1DE9C1DD7377"}, {"criteria": "cpe:2.3:a:netwin:surgemail:1.9b2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFAC85F6-EF7F-4051-AEC9-4FF21D77D1EA"}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.0a2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90487000-A5DA-463B-82B2-5F83DBEC7154"}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.0c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B654A1F-01A3-4F18-A1E6-9D924BF34397"}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.0e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FDB3E97-547C-4531-81E9-B280E3DF39D4"}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.0g2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61DA6241-B456-4721-BAB7-A857FAA4B41B"}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.1c7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBBC4664-D561-4DDD-AC69-003D498FE40B"}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.2a6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7324F0F8-6F15-4966-9589-7BDF502DA287"}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.2c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAF4BCCC-8284-4EB2-B38B-06283E584F2A"}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.2g2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "288E7531-50DA-4AE1-B152-F0FBE7CA88BC"}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.2g3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "914D7AFB-007F-48C1-98C0-13B38F2C2D75"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.0a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1ED629A5-B807-4856-AD71-DF5040463694"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.0c2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5470DC1D-DBE4-4C03-B831-42533DF08D93"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.2e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4420781-D233-4C09-9979-B20BB476E635"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.5a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C4180CD-DCAC-42DB-8973-F8233F8B8EDD"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.5b3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BB3CEAB-41DD-447B-B36E-C5C5B9F1A2F6"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.6d:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CE7B0E5-E5A8-4F03-867A-8AE987D2254B"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.6f3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60B63ABA-5B8B-4EF2-A832-38F047904727"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.6f5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90D7306C-A95A-4DB8-A6F1-29B233FF9977"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.6f7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "234A98AA-6482-4889-B3A3-3D4EC1023371"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "063644A4-AD5B-4BD7-9B6C-ADA2C47562C3"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CB85D71-332A-4B5F-8B48-57CE29461920"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0871CD5E-B0B7-4A80-924F-073227420136"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "563791A9-A34B-4C2A-9F4F-F878654C5742"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AAF682B-5815-4787-B288-F1CB47F1C986"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4764A66-0284-4D85-9A8D-69CC9FCD53EE"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12FCF5D0-3E98-48E4-840C-5DD47A893AA0"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B2E8CA7-DAF6-4C30-8ED1-9FA6D4A660D9"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8d:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C384BC3-603B-4409-B473-F3213D05DB95"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8f:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C81E2733-0791-4D5E-990F-B40859EEA7C1"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8f2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1CE77D8-ADB3-4A3E-9D79-4F9739F7549A"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8f3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50C06B4F-1DEC-4622-B060-184762418112"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8i:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19390313-1B1C-4388-AA3B-1A470416FADF"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8i2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB1FD0B1-DEE5-4765-9538-FBA20E8B1559"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8i3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30495DFC-EC4F-4449-851A-3358C9BCBF69"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8k:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C4BE37B-BA86-4B1D-A1B6-B5910F61171D"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8k2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAF32266-AB58-4215-B7FF-CC882835EE79"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8k3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A437EB1A-2E12-4AAB-8817-57D17C2E21E9"}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8m:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25C21957-FA45-4FCE-AFFE-4A0E1345CFE9"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}