CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
76.7%
Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled “when displaying the signon message.”
Vendor | Product | Version | CPE |
---|---|---|---|
memcode | i.scribe | 1.88 | cpe:2.3:a:memcode:i.scribe:1.88:*:*:*:*:*:*:* |
memcode | i.scribe | 1.89 | cpe:2.3:a:memcode:i.scribe:1.89:*:*:*:*:*:*:* |
memcode | i.scribe | 1.90 | cpe:2.3:a:memcode:i.scribe:1.90:*:*:*:*:*:*:* |
memcode | i.scribe | 2.00 | cpe:2.3:a:memcode:i.scribe:2.00:alpha1:*:*:*:*:*:* |
memcode | i.scribe | 2.00 | cpe:2.3:a:memcode:i.scribe:2.00:alpha2:*:*:*:*:*:* |
memcode | i.scribe | 2.00 | cpe:2.3:a:memcode:i.scribe:2.00:alpha3:*:*:*:*:*:* |
memcode | i.scribe | 2.00 | cpe:2.3:a:memcode:i.scribe:2.00:alpha4:*:*:*:*:*:* |
memcode | i.scribe | 2.00 | cpe:2.3:a:memcode:i.scribe:2.00:beta10:*:*:*:*:*:* |
memcode | i.scribe | 2.00 | cpe:2.3:a:memcode:i.scribe:2.00:beta11:*:*:*:*:*:* |
memcode | i.scribe | 2.00 | cpe:2.3:a:memcode:i.scribe:2.00:beta6:*:*:*:*:*:* |