Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled when displaying the signon message.
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| I.scribe | Memcode | 1.88 (including) | 1.88 (including) |
| I.scribe | Memcode | 1.89 (including) | 1.89 (including) |
| I.scribe | Memcode | 1.90 (including) | 1.90 (including) |
| I.scribe | Memcode | 2.00-alpha1 (including) | 2.00-alpha1 (including) |
| I.scribe | Memcode | 2.00-alpha2 (including) | 2.00-alpha2 (including) |
| I.scribe | Memcode | 2.00-alpha3 (including) | 2.00-alpha3 (including) |
| I.scribe | Memcode | 2.00-alpha4 (including) | 2.00-alpha4 (including) |
| I.scribe | Memcode | 2.00-beta10 (including) | 2.00-beta10 (including) |
| I.scribe | Memcode | 2.00-beta11 (including) | 2.00-beta11 (including) |
| I.scribe | Memcode | 2.00-beta6 (including) | 2.00-beta6 (including) |
| I.scribe | Memcode | 2.00-beta7 (including) | 2.00-beta7 (including) |
| I.scribe | Memcode | 2.00-beta8 (including) | 2.00-beta8 (including) |
| I.scribe | Memcode | 2.00-beta9 (including) | 2.00-beta9 (including) |