CVE-2002-1140 : The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP

The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service (service hang) via malformed packet fragments, aka "Improper parameter size check leading to denial of service."

Published 2002-10-11 04:00:00

Updated 2018-10-12 21:31:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2002-1140

Probability of exploitation activity in the next 30 days: 0.90%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 81 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2002-1140

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2002-1140

http://www.iss.net/security_center/static/10258.php

Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-057

Microsoft Security Bulletin MS02-057 - Critical | Microsoft Learn

CVEs referencing this url
http://www.securityfocus.com/bid/5879

Products affected by CVE-2002-1140

Microsoft » Services » Version: 3.0 Unix Edition
cpe:2.3:a:microsoft:services:3.0:*:unix:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2002-1140

Exploit prediction scoring system (EPSS) score for CVE-2002-1140

CVSS scores for CVE-2002-1140

References for CVE-2002-1140

Products affected by CVE-2002-1140