Vulnerability Details CVE-2002-0370
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.304
EPSS Ranking 96.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html
- http://marc.info/?l=bugtraq&m=103428193409223&w=2
- http://securityreason.com/securityalert/587
- http://www.info-zip.org/FAQ.html
- http://www.info.apple.com/usen/security/security_updates.html
- http://www.iss.net/security_center/static/10251.php
- http://www.kb.cert.org/vuls/id/383779
- http://www.securityfocus.com/bid/5873
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html
- http://marc.info/?l=bugtraq&m=103428193409223&w=2
- http://securityreason.com/securityalert/587
- http://www.info-zip.org/FAQ.html
- http://www.info.apple.com/usen/security/security_updates.html
- http://www.iss.net/security_center/static/10251.php
- http://www.kb.cert.org/vuls/id/383779
- http://www.securityfocus.com/bid/5873
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054
Products affected by CVE-2002-0370
-
cpe:2.3:a:allume_systems_division:stuffit_expander:6.5.2
-
cpe:2.3:a:ibm:lotus_notes:-
-
cpe:2.3:a:ibm:lotus_notes:0.2
-
cpe:2.3:a:ibm:lotus_notes:3.0
-
cpe:2.3:a:ibm:lotus_notes:3.0.0.1
-
cpe:2.3:a:ibm:lotus_notes:3.0.0.2
-
cpe:2.3:a:ibm:lotus_notes:4.2
-
cpe:2.3:a:ibm:lotus_notes:4.2.1
-
cpe:2.3:a:ibm:lotus_notes:4.2.2
-
cpe:2.3:a:ibm:lotus_notes:4.5
-
cpe:2.3:a:ibm:lotus_notes:5.0
-
cpe:2.3:a:ibm:lotus_notes:5.0.1
-
cpe:2.3:a:ibm:lotus_notes:5.0.10
-
cpe:2.3:a:ibm:lotus_notes:5.0.11
-
cpe:2.3:a:ibm:lotus_notes:5.0.2
-
cpe:2.3:a:ibm:lotus_notes:5.0.3
-
cpe:2.3:a:ibm:lotus_notes:5.0.4
-
cpe:2.3:a:ibm:lotus_notes:5.0.5
-
cpe:2.3:a:ibm:lotus_notes:5.0.9a
-
cpe:2.3:a:ibm:lotus_notes:r5
-
cpe:2.3:a:ibm:lotus_notes:r6
-
cpe:2.3:a:microsoft:windows_98_plus_pack:-
-
cpe:2.3:a:verity:keyview_viewing_sdk:gold
-
cpe:2.3:a:winzip:winzip:7.0
-
cpe:2.3:o:microsoft:windows_me:-
-
cpe:2.3:o:microsoft:windows_xp:-