CVE-2002-0370: Buffer Overflow
First published: Sat Oct 05 2002(Updated: )
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Notes | =5.0.1 | |
| IBM Lotus Notes | =r5 | |
| IBM Lotus Notes | =5.0 | |
| IBM Lotus Notes | =5.0.4 | |
| Winzip Winzip | =7.0 | |
| IBM Lotus Notes | =5.0.3 | |
| Allume Systems Division Stuffit Expander | =6.5.2 | |
| IBM Lotus Notes | <=4.5 | |
| Verity Keyview Viewing Sdk | =gold | |
| IBM Lotus Notes | =5.0.11 | |
| IBM Lotus Notes | =5.0.2 | |
| IBM Lotus Notes | =r6 | |
| IBM Lotus Notes | =5.0.5 | |
| IBM Lotus Notes | =5.0.10 | |
| IBM Lotus Notes | =5.0.9a | |
| Microsoft Windows XP | =sp1 | |
| Microsoft Windows XP | =gold | |
| Microsoft Windows 98 Plus Pack | ||
| Microsoft Windows XP | ||
| Microsoft Windows Me |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/5873
- http://www.kb.cert.org/vuls/id/383779
- http://www.iss.net/security_center/static/10251.php
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html
- http://www.info.apple.com/usen/security/security_updates.html
- http://securityreason.com/securityalert/587
- http://www.info-zip.org/FAQ.html
- http://marc.info/?l=bugtraq&m=103428193409223&w=2
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054
- collector/nvd-historical
- vendor/ibm
- product/lotus notes
- canonical/ibm lotus notes
- vendor/winzip
- product/winzip
- canonical/winzip winzip
- vendor/allume systems division
- product/stuffit expander
- canonical/allume systems division stuffit expander
- vendor/verity
- product/keyview viewing sdk
- canonical/verity keyview viewing sdk
- vendor/microsoft
- product/windows xp
- canonical/microsoft windows xp
- product/windows 98 plus pack
- canonical/microsoft windows 98 plus pack
- product/windows me
- canonical/microsoft windows me
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- version/ibm lotus notes/5.0.1
- version/ibm lotus notes/r5
- version/ibm lotus notes/5.0
- version/ibm lotus notes/5.0.4
- version/winzip winzip/7.0
- version/ibm lotus notes/5.0.3
- version/allume systems division stuffit expander/6.5.2
- version/ibm lotus notes/4.5
- version/verity keyview viewing sdk/gold
- version/ibm lotus notes/5.0.11
- version/ibm lotus notes/5.0.2
- version/ibm lotus notes/r6
- version/ibm lotus notes/5.0.5
- version/ibm lotus notes/5.0.10
- version/ibm lotus notes/5.0.9a
- version/microsoft windows xp/sp1
- version/microsoft windows xp/gold