CVE-2002-2077

2022-10-0316:23:49

mitre

www.cve.org

dcom

windows 2000

vulnerability

alter context request

remote attackers

sensitive information

sniffing.

6.1 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.8%

JSON

The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an “alter context” request, which may allow remote attackers to obtain sensitive information by sniffing the session.

References

support.microsoft.com/default.aspx?scid=kb%3BEN-US%3Bq300367

www.bindview.com/Services/razor/Advisories/2002/adv_dcom.cfm

www.iss.net/security_center/static/8739.php

www.securityfocus.com/bid/4410