CVE-2002-1140 : The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemente

The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service (service hang) via malformed packet fragments, aka "Improper parameter size check leading to denial of service."

Published 2002-10-11 04:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2002-1140

Microsoft » Services » Version: 3.0 Unix Edition
cpe:2.3:a:microsoft:services:3.0:*:unix:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2002-1140

EPSS FAQ

18.09%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 95 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2002-1140

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2002-1140

http://www.iss.net/security_center/static/10258.php

Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-057

Microsoft Security Bulletin MS02-057 - Critical | Microsoft Learn

CVEs referencing this url
http://www.securityfocus.com/bid/5879

Jump to

Vulnerability Details : CVE-2002-1140

Products affected by CVE-2002-1140

Exploit prediction scoring system (EPSS) score for CVE-2002-1140

CVSS scores for CVE-2002-1140

References for CVE-2002-1140