CVE-2002-0621
Summary
| CVE | CVE-2002-0621 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2002-07-03 04:00:00 UTC |
| Updated | 2018-10-12 21:31:00 UTC |
| Description | Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Commerce Server | 2000 | All | All | All |
| Application | Microsoft | Commerce Server | 2000 | sp1 | All | All |
| Application | Microsoft | Commerce Server | 2000 | sp2 | All | All |
| Application | Microsoft | Commerce Server | 2000 | All | All | All |
| Application | Microsoft | Commerce Server | 2000 | sp1 | All | All |
| Application | Microsoft | Commerce Server | 2000 | sp2 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ISS X-Force Database: mscs-owc-installer-bo (9424): Microsoft Commerce Server OWC package installer buffer overflow | XF | www.iss.net | |
| Microsoft Security Bulletin MS02-033 - Critical | Microsoft Docs | MS | docs.microsoft.com | |
| Microsoft Commerce Server OWC Package Installer Buffer Overflow Vulnerability | BID | www.securityfocus.com | |
| 5172 | OSVDB | www.osvdb.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.