Unrated severityNVD Advisory· Published Aug 25, 2009· Updated Apr 23, 2026

CVE-2008-7074

Description

Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message."

Affected products

Memcode/I.scribe13 versions
cpe:2.3:a:memcode:i.scribe:1.88:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:memcode:i.scribe:1.88:*:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:1.89:*:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:1.90:*:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:2.00:alpha1:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:2.00:alpha2:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:2.00:alpha3:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:2.00:alpha4:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:2.00:beta10:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:2.00:beta11:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:2.00:beta6:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:2.00:beta7:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:2.00:beta8:*:*:*:*:*:*
- cpe:2.3:a:memcode:i.scribe:2.00:beta9:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/32497nvdExploit
secunia.com/advisories/32906nvdVendor Advisory
memecode.com/site/ver.phpnvd
osvdb.org/50232nvd
exchange.xforce.ibmcloud.com/vulnerabilities/46970nvd
www.exploit-db.com/exploits/7249nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000