Buffer Overflow Vulnerability in Microsoft PPTP Service on Windows Platforms
CVE-2002-1214

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2000 Terminal Services; Windows Xp; Windows 2000
Vendor: CVE Published:; 28 October 2002

What is CVE-2002-1214?

The Microsoft PPTP Service on Windows XP and Windows 2000 is susceptible to a buffer overflow that allows remote attackers to disrupt service and potentially execute arbitrary code. This vulnerability can be exploited through specially crafted PPTP packets containing malformed control data. When triggered, it may hang the service, leading to a denial of service, and exposes the system to further attacks. Proper updates and configurations are critical for mitigating this security risk.

References

http://www.securityfocus.com/bid/5807

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/10199.php

vdb-entryx_refsource_XF

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

80% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 28, 2002
Vulnerability Reserved
Oct 14, 2002