Denial-of-Service Vulnerability in Microsoft Windows XP Remote Desktop
CVE-2002-0864

Currently unrated

Key Information:

Vendor: Microsoft
Status: .net Windows Server
Vendor: CVE Published:; 11 October 2002

What is CVE-2002-0864?

A flaw in the Remote Data Protocol (RDP) version 5.1 associated with Microsoft Windows XP allows attackers to exploit the system when Remote Desktop is activated. This occurs through a malformed PDU Confirm Active data packet that fails to set the Pattern BLT command, which can lead to a crash of the Remote Desktop service, effectively rendering the system unresponsive to legitimate connections. Organizations utilizing Windows XP with Remote Desktop enabled should ensure they are aware of this vulnerability to mitigate potential service interruptions.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://marc.info/?l=bugtraq&m=103236181522253&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=bugtraq&m=103235745116592&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

20% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 11, 2002
Vulnerability Reserved
Aug 15, 2002