Microsoft Commerce Server — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Commerce Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2007-1201 — CVSS 9.3 (critical): Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute…
CVE-2006-1257 — CVSS 7.5 (high): The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by…
CVE-2002-0623 — CVSS 7.5 (high): Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 and 2002 allows remote attackers to execute arbitrary code via…
CVE-2002-0622 — CVSS 7.5 (high): The Office Web Components (OWC) package installer for Microsoft Commerce Server 2000 allows remote attackers to execute commands by passing…
CVE-2002-0050 — CVSS 7.5 (high): Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote attackers to execute arbitrary code via long…
CVE-2002-0621 — CVSS 5.0 (medium): Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to…
CVE-2002-0620 — CVSS 5.0 (medium): Buffer overflow in the Profile Service of Microsoft Commerce Server 2000 allows remote attackers to cause the server to fail or run…