Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Jun 16, 2026
CVE-2002-2077
CVE-2002-2077
Description
The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session.
Affected products
4cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
- (no CPE)range: <SP3
Patches
Vulnerability mechanics
References
4- www.bindview.com/Services/razor/Advisories/2002/adv_dcom.cfmnvdPatchVendor Advisory
- www.iss.net/security_center/static/8739.phpnvdPatch
- www.securityfocus.com/bid/4410nvdPatch
- support.microsoft.com/default.aspxnvd
News mentions
0No linked articles in our index yet.