Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2077

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-2077
Last Modified 05 Sep 2008 04:32:16
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-2077

Summary

The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


References

BID - 4410

XF - win2k-dcom-memory-leak(8739)

BINDVIEW - 20020402 Windows 2000 DCOM clients may leak sensitive information onto the network

MSKB - Q300367


Last Updated: 27 May 2016 10:37:36