CVE-2002-0370

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes; Winzip; Stuffit Expander; Keyview Viewing Sdk
Vendor: CVE Published:; 10 October 2002

Summary

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.

References

http://www.info.apple.com/usen/security/security_updates....

x_refsource_CONFIRM

http://www.info-zip.org/FAQ.html

x_refsource_CONFIRM

http://www.iss.net/security_center/static/10251.php

vdb-entryx_refsource_XF

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 10, 2002
Vulnerability Reserved
May 8, 2002