Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2002-0622 | First vendor Publication | 2002-07-03 |
| Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The Office Web Components (OWC) package installer for Microsoft Commerce Server 2000 allows remote attackers to execute commands by passing the commands as input to the OWC package installer, aka "OWC Package Command Execution". |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0622 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 3 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 5170 | Microsoft Commerce Server OWC Installer Arbitrary Command Execution Microsoft Commerce Server contains a flaw that may allow a malicious user to run commands of their choice via the OWC Package installer. The issue is triggered when the attacker has log on credential to the computer and access to the directory of the OWC package. It is possible that the flaw may allow running a program of the attacker's choice resulting in a loss of confidentiality, integrity, and/or availability. |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:01:41 |
|
| 2021-04-22 01:01:49 |
|
| 2020-05-23 00:14:59 |
|
| 2018-10-13 00:22:25 |
|
| 2016-06-28 14:59:01 |
|
| 2013-05-11 12:10:04 |
|
