Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2002-0621 | First vendor Publication | 2002-07-03 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0621 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
5172 | Microsoft Commerce Server OWC Installer LocalSystem Arbitrary Code Execution A remote overflow exists in Microsoft Commerce Server. Microsoft Commerce Server Office Web Component package installer fails to handle malformed data resulting in a buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code or DoS resulting in a loss of confidentiality, integrity, and/or availability. |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:01:41 |
|
2021-04-22 01:01:49 |
|
2020-05-23 00:14:59 |
|
2018-10-13 00:22:25 |
|
2016-06-28 14:59:00 |
|
2013-05-11 12:10:03 |
|