| Vulnerability Name: | CVE-2002-0623 (CCN-9426) | ||||||||
| Assigned: | 2002-06-26 | ||||||||
| Published: | 2002-06-26 | ||||||||
| Updated: | 2018-10-12 | ||||||||
| Summary: | Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 and 2002 allows remote attackers to execute arbitrary code via long authentication data, aka "New Variant of the ISAPI Filter Buffer Overrun". | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2002-0623 Source: XF Type: UNKNOWN mscs-authfilter-isapi-bo-variant(9426) Source: CCN Type: Microsoft Security Bulletin MS02-010 Unchecked Buffer in ISAPI Filter Could Allow Commerce Server Compromise Source: CCN Type: Microsoft Security Bulletin MS02-033 Unchecked Buffer in Profile Service Could Allow Code Execution in Commerce Server (Q322273) Source: OSVDB Type: UNKNOWN 5163 Source: CCN Type: OSVDB ID: 5163 Microsoft Commerce Server AuthFilter ISAPI Filter Overflow Source: BID Type: UNKNOWN 5112 Source: CCN Type: BID-5112 Microsoft Commerce Server ISAPI Buffer Overflow Variation Vulnerability Source: MS Type: UNKNOWN MS02-033 Source: XF Type: UNKNOWN mscs-authfilter-isapi-bo-variant(9426) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||