ecartis 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は バッファオーバーフロー and vendor risk denial of service に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で アプリケーションクラッシュ and ファイル上書き などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2006-0332 | Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments in a publicly accessible directory, which may allow remote attackers to upload arbitrary files. | [email protected] | 6.4 | 0.65% | 2006-01-21 | 2026-04-16 |
| CVE-2004-0913 | Unknown vulnerability in ecartis 0.x before 0.129a+1.0.0-snap20020514-1.3 and 1.x before 1.0.0+cvs.20030911-8 allows attackers in the same domain to gain administrator privileges and modify configuration. | [email protected] | 4.6 | 0.07% | 2004-12-31 | 2026-04-16 |
| CVE-2003-0782 | Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. | [email protected] | 10.0 | 0.75% | 2004-05-04 | 2026-04-16 |
| CVE-2003-0781 | Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords. | [email protected] | 10.0 | 0.47% | 2004-05-04 | 2026-04-16 |
| CVE-2003-0162 | Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page. | [email protected] | 7.5 | 0.91% | 2003-04-02 | 2026-04-16 |
| CVE-2002-0469 | Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges. | [email protected] | 7.2 | 0.15% | 2002-08-12 | 2026-04-16 |
| CVE-2002-0468 | Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files. | [email protected] | 4.6 | 0.66% | 2002-08-12 | 2026-04-16 |
| CVE-2002-0467 | Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c. | [email protected] | 10.0 | 17.38% | 2002-08-12 | 2026-04-16 |