Back to search
CVE-2002-0370
Published: Oct 5, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.info.apple.com/usen/security/security_updates.html
x_refsource_CONFIRM
http://www.info-zip.org/FAQ.html
x_refsource_CONFIRM
win-zip-decompression-bo(10251)
vdb-entry
x_refsource_XF
20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues
mailing-list
x_refsource_VULNWATCH
587
third-party-advisory
x_refsource_SREASON
20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues
mailing-list
x_refsource_BUGTRAQ
VU#383779
third-party-advisory
x_refsource_CERT-VN
MS02-054
vendor-advisory
x_refsource_MS
5873
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now