Microsoft

Commerce Server

9 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2012-1856

Warning
  • EPSS 92.14%
  • Published 15.08.2012 01:55:01
  • Last modified 11.04.2025 00:51:21

The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1...

9.3

CVE-2012-0158

Warning
  • EPSS 94.31%
  • Published 10.04.2012 21:55:01
  • Last modified 11.04.2025 00:51:21

The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 ...

9.3

CVE-2007-1201

  • EPSS 45.72%
  • Published 11.03.2008 23:44:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components Data...

7.5

CVE-2006-1257

  • EPSS 42.31%
  • Published 19.03.2006 01:02:00
  • Last modified 03.04.2025 01:03:51

The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice.

5

CVE-2002-0620

  • EPSS 16.37%
  • Published 03.07.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in the Profile Service of Microsoft Commerce Server 2000 allows remote attackers to cause the server to fail or run arbitrary code in the LocalSystem security context via an input field using an affected API.

5

CVE-2002-0621

  • EPSS 16.67%
  • Published 03.07.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC pa...

7.5

CVE-2002-0622

  • EPSS 10.27%
  • Published 03.07.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

The Office Web Components (OWC) package installer for Microsoft Commerce Server 2000 allows remote attackers to execute commands by passing the commands as input to the OWC package installer, aka "OWC Package Command Execution".

7.5

CVE-2002-0623

  • EPSS 17.28%
  • Published 03.07.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 and 2002 allows remote attackers to execute arbitrary code via long authentication data, aka "New Variant of the ISAPI Filter Buffer Overrun".

7.5

CVE-2002-0050

  • EPSS 12.16%
  • Published 08.03.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote attackers to execute arbitrary code via long authentication data.