Buffer Overflow Vulnerability in Microsoft Commerce Server 2000
CVE-2002-0620

Currently unrated

Key Information:

Vendor: Microsoft
Status: Commerce Server
Vendor: CVE Published:; 3 July 2002

Summary

A buffer overflow vulnerability exists in the Profile Service of Microsoft Commerce Server 2000. This flaw allows remote attackers to exploit an input field using a specific API, potentially causing the server to crash or executing arbitrary code within the LocalSystem security context. As a result, an attacker could gain unauthorized access and control over critical server functions, posing a significant threat to server integrity and security.

References

http://www.securityfocus.com/bid/4853

vdb-entryx_refsource_BID

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 3, 2002
Vulnerability Reserved
Jun 12, 2002