Lucene search

[email protected]CVE-2002-0622

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0622

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

office web components

owc

package installer

microsoft commerce server 2000

remote attackers

command execution

security vulnerability

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.043 Low

EPSS

Percentile

92.3%

JSON

The Office Web Components (OWC) package installer for Microsoft Commerce Server 2000 allows remote attackers to execute commands by passing the commands as input to the OWC package installer, aka “OWC Package Command Execution”.

Affected configurations

NVD

Node

microsoftcommerce_serverMatch2000

microsoftcommerce_serverMatch2000sp1

microsoftcommerce_serverMatch2000sp2

CPENameOperatorVersion
microsoft:commerce_servermicrosoft commerce servereq2000

CPE	Name	Operator	Version
microsoft:commerce_server	microsoft commerce server	eq	2000

References

www.iss.net/security_center/static/9425.php

www.osvdb.org/5170

www.securityfocus.com/bid/5111

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-033

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.043 Low

EPSS

Percentile

92.3%

JSON

Related for CVE-2002-0622

cvelist1 nvd1