CVE-2002-2077

The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*

History

07 Nov 2023, 01:56

Type Values Removed Values Added
References
  • {'url': 'http://support.microsoft.com/default.aspx?scid=kb;EN-US;q300367', 'name': 'Q300367', 'tags': ['Patch'], 'refsource': 'MSKB'}
  • () http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3Bq300367 -

Information

Published : 2002-12-31 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2002-2077

Mitre link : CVE-2002-2077

CVE.ORG link : CVE-2002-2077


JSON object : View

Products Affected

microsoft

  • windows_2000