← Back

CVE-2008-3606

nvd nist
Published: Aug 12, 2008Modified: Apr 23, 2026

JSON object

Loading...
6.5
Vector
AV:N/AC:L/Au:S/C:P/I:P/A:P
Exploitability: 8.0 / Impact: 6.4
Source: NVD

Description

Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information.

Affected (44)

Products: Qbik: Wingate
Qbik
1 product
Wingate
Configuration A
44 vulnerable
Vulnerable SoftwareAffected Versions
Qbik
Wingate
Up to 6.2.2
Wingate
Version 2.0
Wingate
Version 2.1
Wingate
Version 3.0.5
Wingate
Version 3.0
Wingate
Version 4.0.1
Wingate
Version 4.1.0
Wingate
Version 4.1.1
Wingate
Version 4.1 beta_a
Wingate
Version 4.2.0
Wingate
Version 4.3.0
Wingate
Version 4.3.0 beta_a
Wingate
Version 4.3.0 beta_b
Wingate
Version 4.4.0
Wingate
Version 4.4.0 beta_a
Wingate
Version 4.4.1
Wingate
Version 4.4.2
Wingate
Version 4.5.0 beta_a
Wingate
Version 4.5.0 beta_b
Wingate
Version 4.5.1
Wingate
Version 4.5.2
Wingate
Version 5.0.0
Wingate
Version 5.0.1.766
Wingate
Version 5.0.1
Wingate
Version 5.0.5
Wingate
Version 5.0
Wingate
Version 5.1
Wingate
Version 5.2.2
Wingate
Version 5.2.3
Wingate
Version 5.2
Wingate
Version 6.0.0.984
Wingate
Version 6.0.1.993
Wingate
Version 6.0.1.995
Wingate
Version 6.0.2.1000
Wingate
Version 6.0.2.1001
Wingate
Version 6.0.3.1005
Wingate
Version 6.0.4.1025
Wingate
Version 6.0
Wingate
Version 6.1.1.1077
Wingate
Version 6.1.2.1094
Wingate
Version 6.1.3.1096
Wingate
Version 6.1.4
Wingate
Version 6.2.1
Wingate
Version 6.2.2.1137

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (12)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.