CVE-2002-1139
First published: Fri Oct 11 2002(Updated: )
The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target Path for Zipped File Decompression."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows XP | =sp1 | |
| Microsoft Windows XP | =gold | |
| Microsoft Windows 98 Plus Pack | ||
| Microsoft Windows XP | ||
| Microsoft Windows Me |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- vendor/microsoft
- product/windows xp
- canonical/microsoft windows xp
- product/windows 98 plus pack
- canonical/microsoft windows 98 plus pack
- product/windows me
- canonical/microsoft windows me
- collector/nvd-index
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- version/microsoft windows xp/sp1
- version/microsoft windows xp/gold