CVE-2002-0370

Description

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.

Related CPE's

Could not find any relations

References

5873

PatchVendor Advisory

VU#383779

Third Party AdvisoryUS Government Resource

win-zip-decompression-bo(10251)

Vendor Advisory

20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues

http://www.info.apple.com/usen/security/security_updates.html

587

http://www.info-zip.org/FAQ.html

20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues

MS02-054

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version	2.0
VectorString	AV:N/AC:L/Au:N/C:P/I:P/A:P
AccessVector	NETWORK
AccessComplexity	LOW
Authentication	NONE
ConfidentialityImpact	PARTIAL
IntegrityImpact	PARTIAL
AvailabilityImpact	PARTIAL
BaseScore	7.5

Created by Yello

About Severity.io