Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Nov 2024, 23:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html - | |
References | () http://marc.info/?l=bugtraq&m=103428193409223&w=2 - | |
References | () http://securityreason.com/securityalert/587 - | |
References | () http://www.info-zip.org/FAQ.html - | |
References | () http://www.info.apple.com/usen/security/security_updates.html - | |
References | () http://www.iss.net/security_center/static/10251.php - Vendor Advisory | |
References | () http://www.kb.cert.org/vuls/id/383779 - Third Party Advisory, US Government Resource | |
References | () http://www.securityfocus.com/bid/5873 - Patch, Vendor Advisory | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054 - |
Information
Published : 2002-10-10 04:00
Updated : 2024-11-20 23:38
NVD link : CVE-2002-0370
Mitre link : CVE-2002-0370
CVE.ORG link : CVE-2002-0370
JSON object : View
Products Affected
winzip
- winzip
allume_systems_division
- stuffit_expander
microsoft
- windows_98_plus_pack
- windows_me
- windows_xp
verity
- keyview_viewing_sdk
ibm
- lotus_notes
CWE