1. CVE-Search
  2. CVE-2002-0370
ID CVE-2002-0370
Summary Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.
References
Vulnerable Configurations
  • cpe:2.3:a:allume_systems_division:stuffit_expander:6.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:allume_systems_division:stuffit_expander:6.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:-:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:-:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:3.0.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:3.0.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:3.0.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:3.0.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:4.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:4.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:4.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:4.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:r5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:r5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:lotus_notes:r6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:lotus_notes:r6:*:*:*:*:*:*:*
  • cpe:2.3:a:verity:keyview_viewing_sdk:gold:*:*:*:*:*:*:*
    cpe:2.3:a:verity:keyview_viewing_sdk:gold:*:*:*:*:*:*:*
  • cpe:2.3:a:winzip:winzip:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:winzip:winzip:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:windows_98_plus_pack:*:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:windows_98_plus_pack:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
CVSS
Base: 7.5 (as of 12-10-2018 - 21:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 5873
bugtraq 20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues
cert-vn VU#383779
confirm
sreason 587
vulnwatch 20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues
xf win-zip-decompression-bo(10251)
Last major update 12-10-2018 - 21:31
Published 10-10-2002 - 04:00
Last modified 12-10-2018 - 21:31
Back to Top