CVE-2008-7074

Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message."

🔗 References (12)

• cve@mitrehttp://memecode.com/site/ver.php?id=264
• cve@mitrehttp://osvdb.org/50232
• cve@mitrehttp://secunia.com/advisories/32906
• cve@mitrehttp://www.securityfocus.com/bid/32497
• cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/46970
• cve@mitrehttps://www.exploit-db.com/exploits/7249
• af854a3a-2127-422b-91ae-364da2661108http://memecode.com/site/ver.php?id=264
• af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/50232
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32906
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/32497
• af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/46970
• af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/7249