Click Here to Install Silverlight*
United StatesChange|All Microsoft Sites
Microsoft
Download Center 
Search Advanced Search

Commerce Server 2000 Q322273 Security Fix

Brief Description
Microsoft has released patches for Commerce Server 2002 and Commerce Server 2000 that include updates for the following security vulnerabilities: Profile Service Buffer Overrun OWC Package Buffer OverrunOWC Package Command ExecutionNew Variant of the ISAPI Filter Buffer

On This Page

Quick Details
File Name:Q322273_EN.EXE
Version:1.1
Knowledge Base (KB) Articles:KB322273
Date Published:5/29/2002
Language:English
Download Size:219 KB
Estimated Download Time: 1 min 56K
Change Language:
  

Overview

Microsoft has released patches for Commerce Server 2002 and Commerce Server 2000 that include updates for the following security vulnerabilities:
Profile Service Buffer Overrun
OWC Package Buffer Overrun
OWC Package Command Execution
New Variant of the ISAPI Filter Buffer Overrun

 Top of page

System Requirements

  • Supported Operating Systems: Windows 2000
Microsoft Commerce Server 2002
Microsoft Commerce Server 2000


This patch is also available for other languages:

* French
* German
* Japanese


Required:
Commerce Server 2000 SP2

 Top of page

Instructions

After you click on the Download Link, you will see a dialog with the question "What would you like to do with this file?"

If you choose to "Run this program from it's current location" it will automatically install the program to your computer.

If you choose "Save this program to a disk" you will be prompted for a location to save the file to. Once saved you will need to open the Q322273_EN.exe. file to run the program.

 Top of page

Additional Information

Much more detailed information regarding these vulnerabilities is located in the Microsoft Knowledge Base Article located in the related link section. A small recap on each vulnerability is listed here: Profile Service Buffer Overrun: This vulnerability results because the Profile Service contains an unchecked buffer in a section of code that handles certain types of API calls. OWC Package Buffer Overrun: This is a buffer overrun : Although Commerce Server does rely on Internet Information Services (IIS) for its base Web services, the AuthFilter ISAPI filter is only available as part of Commerce Server. Customers using IIS are at no risk from this vulnerability. in the Office Web Components (OWC) package installer that is used by Commerce Server. OWC Package Command Execution: This is a vulnerability in the Office Web Components (OWC) package installer that is used by Commerce Server. New Variant of the ISAPI Filter Buffer Overrun: Although Commerce Server does rely on Internet Information Services (IIS) for its base Web services, the AuthFilter ISAPI filter is only available as part of Commerce Server. Customers using IIS are at no risk from this vulnerability.

 Top of page

 Top of page

© 2009 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy Statement