Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Commerce Server Security Vulnerabilities - November

cve
cve

CVE-2002-0050

Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote attackers to execute arbitrary code via long authentication data.

8.5AI Score

0.03EPSS

2002-06-25 04:00 AM
22
cve
cve

CVE-2002-0620

Buffer overflow in the Profile Service of Microsoft Commerce Server 2000 allows remote attackers to cause the server to fail or run arbitrary code in the LocalSystem security context via an input field using an affected API.

7.9AI Score

0.13EPSS

2002-07-03 04:00 AM
20
cve
cve

CVE-2002-0621

Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer.

7.9AI Score

0.381EPSS

2003-04-02 05:00 AM
29
cve
cve

CVE-2002-0622

The Office Web Components (OWC) package installer for Microsoft Commerce Server 2000 allows remote attackers to execute commands by passing the commands as input to the OWC package installer, aka "OWC Package Command Execution".

7.7AI Score

0.031EPSS

2003-04-02 05:00 AM
23
cve
cve

CVE-2002-0623

Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 and 2002 allows remote attackers to execute arbitrary code via long authentication data, aka "New Variant of the ISAPI Filter Buffer Overrun".

8.5AI Score

0.065EPSS

2003-04-02 05:00 AM
25
cve
cve

CVE-2006-1257

The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice.

6.8AI Score

0.02EPSS

2006-03-19 01:02 AM
29
cve
cve

CVE-2007-1201

Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."

7.3AI Score

0.946EPSS

2008-03-11 11:44 PM
37
cve
cve

CVE-2012-0158

The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 20...

8.8CVSS

7.8AI Score

0.974EPSS

2012-04-10 09:55 PM
1444
In Wild
3
cve
cve

CVE-2012-1856

The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce ...

8.8CVSS

7.9AI Score

0.924EPSS

2012-08-15 01:55 AM
1048
In Wild
1