CVE-2002-1256

CVE Database · CVE-2002-1256

CVE-2002-1256

· N/AModified

CVSS v3.1

N/A

EPSS

5.41%

Published

Dec 23, 2002

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller.

Affected Products (11)

microsoft · windows_2000vulnerable

microsoft · windows_2000_terminal_servicesvulnerable

microsoft · windows_xpvulnerable

microsoft · windows_xp

References (8)

http://www.securityfocus.com/bid/6367

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-070

https://exchange.xforce.ibmcloud.com/vulnerabilities/10843

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A277

http://www.securityfocus.com/bid/6367

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-070

https://exchange.xforce.ibmcloud.com/vulnerabilities/10843

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A277

KEV Catalog EPSS Scores Vendors All CVEs