Vulnerability Description
The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Information Services | 5.0 |
| Microsoft | Sql Server | 6.5 |
| Microsoft | Windows 2000 | All versions |
References
- http://online.securityfocus.com/archive/1/253360Vendor Advisory
- http://online.securityfocus.com/archive/1/268593Vendor Advisory
- http://www.iss.net/security_center/static/8046.php
- http://www.securityfocus.com/bid/4006
- http://online.securityfocus.com/archive/1/253360Vendor Advisory
- http://online.securityfocus.com/archive/1/268593Vendor Advisory
- http://www.iss.net/security_center/static/8046.php
- http://www.securityfocus.com/bid/4006
FAQ
What is CVE-2002-0224?
CVE-2002-0224 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of ser...
How severe is CVE-2002-0224?
CVE-2002-0224 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0224?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Information Services, Microsoft Sql Server, Microsoft Windows 2000.