What is the severity of CVE-2002-0370?

CVE-2002-0370 is considered a critical vulnerability due to its potential to allow remote code execution and denial of service.

How do I fix CVE-2002-0370?

To fix CVE-2002-0370, apply the latest patches or updates from the software vendors for affected products.

Which products are affected by CVE-2002-0370?

CVE-2002-0370 affects multiple products including certain versions of Microsoft Windows, IBM Lotus Notes, and WinZip.

What type of attack does CVE-2002-0370 enable?

CVE-2002-0370 enables remote attackers to exploit buffer overflow vulnerabilities through specially crafted ZIP files.

What are the potential consequences of exploiting CVE-2002-0370?

Exploiting CVE-2002-0370 can lead to complete system compromise, allowing attackers to execute arbitrary code on affected systems.

Vulnerability/
CVE-2002-0370

high

7.5

CWE

NVD-CWE-Other 119

5/10/2002

8/8/2024

CVE-2002-0370: Buffer Overflow

First published: Sat Oct 05 2002(Updated: )

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
IBM Lotus Notes	=5.0.1
IBM Lotus Notes	=r5
IBM Lotus Notes	=5.0
IBM Lotus Notes	=5.0.4
WinZip	=7.0
IBM Lotus Notes	=5.0.3
Smithmicro Stuffit Expander	=6.5.2
IBM Lotus Notes	<=4.5
Verity KeyView Viewing SDK	=gold
IBM Lotus Notes	=5.0.11
IBM Lotus Notes	=5.0.2
IBM Lotus Notes	=r6
IBM Lotus Notes	=5.0.5
IBM Lotus Notes	=5.0.10
IBM Lotus Notes	=5.0.9a
Microsoft Windows XP	=sp1
Microsoft Windows XP	=gold
Microsoft Windows 98 Plus Pack
Microsoft Windows XP
Microsoft Windows Me

Remedy

http://www.securityfocus.com/bid/5873

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-0370?
CVE-2002-0370 is considered a critical vulnerability due to its potential to allow remote code execution and denial of service.
How do I fix CVE-2002-0370?
To fix CVE-2002-0370, apply the latest patches or updates from the software vendors for affected products.
Which products are affected by CVE-2002-0370?
CVE-2002-0370 affects multiple products including certain versions of Microsoft Windows, IBM Lotus Notes, and WinZip.
What type of attack does CVE-2002-0370 enable?
CVE-2002-0370 enables remote attackers to exploit buffer overflow vulnerabilities through specially crafted ZIP files.
What are the potential consequences of exploiting CVE-2002-0370?
Exploiting CVE-2002-0370 can lead to complete system compromise, allowing attackers to execute arbitrary code on affected systems.

agent/type
collector/mitre-cve
source/MITRE
agent/remedy
agent/weakness
agent/severity
agent/last-modified-date
agent/references
agent/author
agent/first-publish-date
agent/event
agent/description
agent/source
agent/softwarecombine
agent/tags
collector/nvd-historical
vendor/ibm
product/lotus notes
canonical/ibm lotus notes
vendor/winzip
product/winzip
canonical/winzip winzip
vendor/allume systems division
product/stuffit expander
canonical/allume systems division stuffit expander
vendor/verity
product/keyview viewing sdk
canonical/verity keyview viewing sdk
vendor/microsoft
product/windows xp
canonical/microsoft windows xp
product/windows 98 plus pack
canonical/microsoft windows 98 plus pack
product/windows me
canonical/microsoft windows me
agent/software-canonical-lookup-request
collector/nvd-index
version/ibm lotus notes/5.0.1
version/ibm lotus notes/r5
version/ibm lotus notes/5.0
version/ibm lotus notes/5.0.4
canonical/winzip
version/winzip/7.0
version/ibm lotus notes/5.0.3
canonical/smithmicro stuffit expander
version/smithmicro stuffit expander/6.5.2
version/ibm lotus notes/4.5
version/verity keyview viewing sdk/gold
version/ibm lotus notes/5.0.11
version/ibm lotus notes/5.0.2
version/ibm lotus notes/r6
version/ibm lotus notes/5.0.5
version/ibm lotus notes/5.0.10
version/ibm lotus notes/5.0.9a
version/microsoft windows xp/sp1
version/microsoft windows xp/gold