PT-2002-2797 · Microsoft · Windows 2000

Published

2002-12-31

Updated

2019-04-30

CVE-2002-2077

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Windows 2000 versions prior to SP3

Description: The issue concerns the DCOM client in Windows 2000, which fails to properly clear memory before sending an "alter context" request. This may allow remote attackers to obtain sensitive information by sniffing the session.

Recommendations: For Windows 2000 versions prior to SP3, apply Service Pack 3 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-2077

Affected Products

Windows 2000

PT-2002-2797 · Microsoft · Windows 2000

CVE-2002-2077

Related Identifiers

Affected Products

References · 5