CVE-2002-0622

critical

Description

The Office Web Components (OWC) package installer for Microsoft Commerce Server 2000 allows remote attackers to execute commands by passing the commands as input to the OWC package installer, aka "OWC Package Command Execution".

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-033

http://www.securityfocus.com/bid/5111

http://www.osvdb.org/5170

http://www.iss.net/security_center/static/9425.php

Details

Source: Mitre, NVD

Published: 2002-07-03

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.10267