VYPR
Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Jun 16, 2026

CVE-2002-2077

CVE-2002-2077

Description

The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session.

Affected products

4
  • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
    • (no CPE)range: <SP3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.