CVE-2002-0620
Summary
| CVE | CVE-2002-0620 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2002-07-03 04:00:00 UTC |
| Updated | 2018-10-12 21:31:00 UTC |
| Description | Buffer overflow in the Profile Service of Microsoft Commerce Server 2000 allows remote attackers to cause the server to fail or run arbitrary code in the LocalSystem security context via an input field using an affected API. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Commerce Server | 2000 | All | All | All |
| Application | Microsoft | Commerce Server | 2000 | sp1 | All | All |
| Application | Microsoft | Commerce Server | 2000 | sp2 | All | All |
| Application | Microsoft | Commerce Server | 2000 | All | All | All |
| Application | Microsoft | Commerce Server | 2000 | sp1 | All | All |
| Application | Microsoft | Commerce Server | 2000 | sp2 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Microsoft Security Bulletin MS02-033 - Critical | Microsoft Docs | MS | docs.microsoft.com | |
| Microsoft Commerce Server 2000 Profile Service Buffer Overflow Vulnerability | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.