cpe:/a:memcode:i.scribe:1.88 cpe:/a:memcode:i.scribe:1.89 cpe:/a:memcode:i.scribe:1.90 cpe:/a:memcode:i.scribe:2.00:alpha1 cpe:/a:memcode:i.scribe:2.00:alpha2 cpe:/a:memcode:i.scribe:2.00:alpha3 cpe:/a:memcode:i.scribe:2.00:alpha4 cpe:/a:memcode:i.scribe:2.00:beta10 cpe:/a:memcode:i.scribe:2.00:beta11 cpe:/a:memcode:i.scribe:2.00:beta6 cpe:/a:memcode:i.scribe:2.00:beta7 cpe:/a:memcode:i.scribe:2.00:beta8 cpe:/a:memcode:i.scribe:2.00:beta9 CVE-2008-7074 2009-08-25T06:30:00.517-04:00 2017-09-28T21:33:30.870-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-08-25T09:02:00.000-04:00 ALLOWS_ADMIN_ACCESS BID 32497 SECUNIA 32906 OSVDB 50232 EXPLOIT-DB 7249 CONFIRM http://memecode.com/site/ver.php?id=264 XF iscribe-smtp-format-string(46970) Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message."