What are the potential risks associated with CVE-2002-1139?

CVE-2002-1139 allows attackers to place executable files in known locations on a user's system, leading to unauthorized code execution.

Which versions of Windows are affected by CVE-2002-1139?

CVE-2002-1139 affects Microsoft Windows 98 with Plus! Pack, Windows Me, and various editions of Windows XP including SP1 and Gold.

How can I mitigate the risk of CVE-2002-1139?

To mitigate CVE-2002-1139, avoid using the Compressed Folders feature for untrusted ZIP files and consider upgrading to a more secure operating system.

What is the severity level of CVE-2002-1139?

CVE-2002-1139 is categorized as a critical vulnerability due to its potential to execute arbitrary code on affected systems.

Is there an official fix for CVE-2002-1139?

CVE-2002-1139 does not have an official patch, but users are advised to follow best security practices and consider system upgrades.

Vulnerability/
CVE-2002-1139

medium

CWE

NVD-CWE-Other

11/10/2002

1/9/2004

8/8/2024

CVE-2002-1139

First published: Fri Oct 11 2002(Updated: )

The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target Path for Zipped File Decompression."

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Microsoft Windows XP	=sp1
Microsoft Windows XP	=gold
Microsoft Windows 98 Plus Pack
Microsoft Windows XP
Microsoft Windows Me

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What are the potential risks associated with CVE-2002-1139?
CVE-2002-1139 allows attackers to place executable files in known locations on a user's system, leading to unauthorized code execution.
Which versions of Windows are affected by CVE-2002-1139?
CVE-2002-1139 affects Microsoft Windows 98 with Plus! Pack, Windows Me, and various editions of Windows XP including SP1 and Gold.
How can I mitigate the risk of CVE-2002-1139?
To mitigate CVE-2002-1139, avoid using the Compressed Folders feature for untrusted ZIP files and consider upgrading to a more secure operating system.
What is the severity level of CVE-2002-1139?
CVE-2002-1139 is categorized as a critical vulnerability due to its potential to execute arbitrary code on affected systems.
Is there an official fix for CVE-2002-1139?
CVE-2002-1139 does not have an official patch, but users are advised to follow best security practices and consider system upgrades.

collector/nvd-historical
vendor/microsoft
product/windows xp
canonical/microsoft windows xp
product/windows 98 plus pack
canonical/microsoft windows 98 plus pack
product/windows me
canonical/microsoft windows me
collector/nvd-index
agent/type
agent/first-publish-date
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/author
agent/references
agent/last-modified-date
agent/description
agent/tags
agent/event
agent/source
version/microsoft windows xp/sp1
version/microsoft windows xp/gold

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.