VYPR
Vendor

Ecartis

Products
1
CVEs
8
Across products
8
Status
Private

Products

1

Recent CVEs

8
  • CVE-2002-0468Aug 12, 2002
    risk 0.03cvss epss 0.01

    Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4)…

  • CVE-2006-0332Jan 21, 2006
    risk 0.00cvss epss 0.01

    Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments in a publicly accessible directory, which may allow remote attackers to upload arbitrary files.

  • CVE-2004-0913Dec 31, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in ecartis 0.x before 0.129a+1.0.0-snap20020514-1.3 and 1.x before 1.0.0+cvs.20030911-8 allows attackers in the same domain to gain administrator privileges and modify configuration.

  • CVE-2003-0781May 4, 2004
    risk 0.00cvss epss 0.01

    Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords.

  • CVE-2003-0782May 4, 2004
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.

  • CVE-2003-0162Apr 2, 2003
    risk 0.00cvss epss 0.02

    Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page.

  • CVE-2002-0467Aug 12, 2002
    risk 0.00cvss epss 0.06

    Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c.

  • CVE-2002-0469Aug 12, 2002
    risk 0.00cvss epss 0.00

    Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges.