SurgeMail and WebMail 'Page' Command Remote Format String Vulnerability

Bugtraq ID:	27990
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Feb 25 2008 12:00AM
Updated:	Feb 26 2008 07:52PM
Credit:	Luigi Auriemma is credited with the discovery of this vulnerability.
Vulnerable:	NetWin WebMail 3.1s NetWin SurgeMail 3.0 c2 NetWin SurgeMail 3.0 a NetWin SurgeMail 2.2 g3 NetWin SurgeMail 2.2 g2 NetWin SurgeMail 2.2 c9 NetWin SurgeMail 2.2 c10 NetWin SurgeMail 2.2 a6 NetWin SurgeMail 2.1 c7 NetWin SurgeMail 2.1 a NetWin SurgeMail 2.0 g2 NetWin SurgeMail 2.0 e NetWin SurgeMail 2.0 c NetWin SurgeMail 2.0 a2 NetWin SurgeMail 1.9 b2 NetWin SurgeMail 1.9 NetWin SurgeMail 1.8 g3 NetWin SurgeMail 1.8 e NetWin SurgeMail 1.8 d NetWin SurgeMail 1.8 b3 NetWin SurgeMail 1.8 a NetWin SurgeMail beta 39a NetWin SurgeMail 3.9a NetWin SurgeMail 3.8k4 NetWin SurgeMail 3.8f3

Not Vulnerable: