7.5

CVE-2002-0370

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmLotus Notes Version <= 4.5
IbmLotus Notes Version5.0
IbmLotus Notes Version5.0.1
IbmLotus Notes Version5.0.2
IbmLotus Notes Version5.0.3
IbmLotus Notes Version5.0.4
IbmLotus Notes Version5.0.5
IbmLotus Notes Version5.0.9a
IbmLotus Notes Version5.0.10
IbmLotus Notes Version5.0.11
IbmLotus Notes Versionr5
IbmLotus Notes Versionr6
VerityKeyview Viewing Sdk Versiongold
WinzipWinzip Version7.0
MicrosoftWindows Xp Editionhome
MicrosoftWindows Xp Updategold Editionprofessional
MicrosoftWindows Xp Updatesp1 Editionhome
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 43.3% 0.986
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.info.apple.com/usen/security/security_updates.html
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html
http://marc.info/?l=bugtraq&m=103428193409223&w=2
http://securityreason.com/securityalert/587
http://www.info-zip.org/FAQ.html
http://www.iss.net/security_center/static/10251.php
Vendor Advisory
http://www.kb.cert.org/vuls/id/383779
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/5873
Patch
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054