CVE-2002-0370

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:allume_systems_division:stuffit_expander:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:r5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:r6:*:*:*:*:*:*:*
cpe:2.3:a:verity:keyview_viewing_sdk:gold:*:*:*:*:*:*:*
cpe:2.3:a:winzip:winzip:7.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:microsoft:windows_98_plus_pack:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*

History

20 Nov 2024, 23:38

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html - () http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html -
References () http://marc.info/?l=bugtraq&m=103428193409223&w=2 - () http://marc.info/?l=bugtraq&m=103428193409223&w=2 -
References () http://securityreason.com/securityalert/587 - () http://securityreason.com/securityalert/587 -
References () http://www.info-zip.org/FAQ.html - () http://www.info-zip.org/FAQ.html -
References () http://www.info.apple.com/usen/security/security_updates.html - () http://www.info.apple.com/usen/security/security_updates.html -
References () http://www.iss.net/security_center/static/10251.php - Vendor Advisory () http://www.iss.net/security_center/static/10251.php - Vendor Advisory
References () http://www.kb.cert.org/vuls/id/383779 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/383779 - Third Party Advisory, US Government Resource
References () http://www.securityfocus.com/bid/5873 - Patch, Vendor Advisory () http://www.securityfocus.com/bid/5873 - Patch, Vendor Advisory
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054 -

Information

Published : 2002-10-10 04:00

Updated : 2024-11-20 23:38


NVD link : CVE-2002-0370

Mitre link : CVE-2002-0370

CVE.ORG link : CVE-2002-0370


JSON object : View

Products Affected

winzip

  • winzip

allume_systems_division

  • stuffit_expander

microsoft

  • windows_98_plus_pack
  • windows_me
  • windows_xp

verity

  • keyview_viewing_sdk

ibm

  • lotus_notes