CVE-2002-0370
NONE EPSS 98.6%
Published Oct 10, 200223y ago · Modified Jun 16, 20262w ago
Published Oct 10, 2002 23y ago
Last Modified Jun 16, 2026 2w ago
Description
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.
Threat Intelligence
EPSS Exploit Probability
98.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 20
| Vendor | Product | Version | Range |
|---|---|---|---|
| allume_systems_division | stuffit_expander | 6.5.2 | any |
| ibm | lotus_notes | * | ≤4.5 |
| ibm | lotus_notes | 5.0 | any |
| ibm | lotus_notes | 5.0.1 | any |
| ibm | lotus_notes | 5.0.2 | any |
| ibm | lotus_notes | 5.0.3 | any |
| ibm | lotus_notes | 5.0.4 | any |
| ibm | lotus_notes | 5.0.5 | any |
| ibm | lotus_notes | 5.0.9a | any |
| ibm | lotus_notes | 5.0.10 | any |
| ibm | lotus_notes | 5.0.11 | any |
| ibm | lotus_notes | r5 | any |
| ibm | lotus_notes | r6 | any |
| verity | keyview_viewing_sdk | gold | any |
| winzip | winzip | 7.0 | any |
| microsoft | windows_98_plus_pack | * | any |
| microsoft | windows_me | * | any |
| microsoft | windows_xp | * | any |
| microsoft | windows_xp | * | any |
| microsoft | windows_xp | * | any |
References 9
- archives.neohapsis.com http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html
- marc.info http://marc.info/?l=bugtraq&m=103428193409223&w=2
- securityreason.com http://securityreason.com/securityalert/587
- info-zip.org http://www.info-zip.org/FAQ.html
- info.apple.com http://www.info.apple.com/usen/security/security_updates.html
- iss.net http://www.iss.net/security_center/static/10251.php
- kb.cert.org http://www.kb.cert.org/vuls/id/383779
- securityfocus.com http://www.securityfocus.com/bid/5873
- docs.microsoft.com https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054
Remediation
- securityfocus.com http://www.securityfocus.com/bid/5873