CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
97.3%
Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | commerce_server | 2000 | cpe:2.3:a:microsoft:commerce_server:2000:*:*:*:*:*:*:* |
microsoft | commerce_server | 2000 | cpe:2.3:a:microsoft:commerce_server:2000:sp1:*:*:*:*:*:* |
microsoft | commerce_server | 2000 | cpe:2.3:a:microsoft:commerce_server:2000:sp2:*:*:*:*:*:* |