Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2077


Vulnerability Score 5.0 5.0
CVE Id CVE-2002-2077
Last Modified 05 Sep 2008 04:32:16
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


BID - 4410

XF - win2k-dcom-memory-leak(8739)

BINDVIEW - 20020402 Windows 2000 DCOM clients may leak sensitive information onto the network

MSKB - Q300367

Last Updated: 27 May 2016 10:37:36