What is CVE-2002-1214?

CVE-2002-1214 is a vulnerability in N/a. Published 2004-09-01.

Is CVE-2002-1214 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2002-1214

Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data.

EPSS: 0.755 (98.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cvemon
nitishbadole/oscp-note-2
rmsbpro/rmsbpro

References

5807 (vdb-entry, x_refsource_BID)
win-pptp-packet-bo (10199) (vdb-entry, x_refsource_XF)
MS02-063 (x_refsource_MS, vendor-advisory)
20020926 Microsoft PPTP Server and Client remote vulnerability (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2002-1214?: CVE-2002-1214 is a vulnerability in N/a. Published 2004-09-01.
Is CVE-2002-1214 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.