Format string vulnerability in MemeCode Software i.Scribe 1.88 up to and including 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
memcode i.scribe 2.00 |
||
memcode i.scribe 1.90 |
||
memcode i.scribe 1.89 |
||
memcode i.scribe 1.88 |