CVE-2002-0620

CVE Database · CVE-2002-0620

CVE-2002-0620

· N/AModified

CVSS v3.1

N/A

EPSS

12.21%

Published

Jul 3, 2002

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflow in the Profile Service of Microsoft Commerce Server 2000 allows remote attackers to cause the server to fail or run arbitrary code in the LocalSystem security context via an input field using an affected API.

Affected Products (3)

microsoft · commerce_servervulnerable

References (4)

http://www.securityfocus.com/bid/4853

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-033

http://www.securityfocus.com/bid/4853

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-033

KEV Catalog EPSS Scores Vendors All CVEs