Lucene search

[email protected]CVE-2002-0623

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0623

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0623

buffer overflow

authfilter

isapi filter

microsoft commerce server

remote code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.065 Low

EPSS

Percentile

93.8%

JSON

Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 and 2002 allows remote attackers to execute arbitrary code via long authentication data, aka “New Variant of the ISAPI Filter Buffer Overrun”.

Affected configurations

NVD

Node

microsoftcommerce_serverMatch2000

microsoftcommerce_serverMatch2000sp1

microsoftcommerce_serverMatch2000sp2

microsoftcommerce_serverMatch2002

CPENameOperatorVersion
microsoft:commerce_servermicrosoft commerce servereq2000
microsoft:commerce_servermicrosoft commerce servereq2002

CPE	Name	Operator	Version
microsoft:commerce_server	microsoft commerce server	eq	2000
microsoft:commerce_server	microsoft commerce server	eq	2002

References

www.iss.net/security_center/static/9426.php

www.osvdb.org/5163

www.securityfocus.com/bid/5112

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-033

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.065 Low

EPSS

Percentile

93.8%

JSON

Related for CVE-2002-0623

cvelist1 nvd1