Lucene search

[email protected]CVE-2002-0370

HistoryOct 10, 2002 - 4:00 a.m.

CVE-2002-0370

2002-10-1004:00:00

[email protected]

web.nvd.nist.gov

1036

cve-2002-0370

buffer overflow

dos attack

arbitrary code execution

zip files vulnerability.

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.041 Low

EPSS

Percentile

92.2%

JSON

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.

Affected configurations

NVD

Node

allume_systems_divisionstuffit_expanderMatch6.5.2

ibmlotus_notesRange≤4.5

ibmlotus_notesMatch5.0

ibmlotus_notesMatch5.0.1

ibmlotus_notesMatch5.0.2

ibmlotus_notesMatch5.0.3

ibmlotus_notesMatch5.0.4

ibmlotus_notesMatch5.0.5

ibmlotus_notesMatch5.0.9a

ibmlotus_notesMatch5.0.10

ibmlotus_notesMatch5.0.11

ibmlotus_notesMatchr5

ibmlotus_notesMatchr6

veritykeyview_viewing_sdkMatchgold

winzipwinzipMatch7.0

Node

microsoftwindows_98_plus_pack

microsoftwindows_me

microsoftwindows_xphome

microsoftwindows_xpgoldprofessional

microsoftwindows_xpsp1home

CPENameOperatorVersion
allume_systems_division:stuffit_expanderallume systems division stuffit expandereq6.5.2
ibm:lotus_notesibm lotus notesle4.5
ibm:lotus_notesibm lotus noteseq5.0
ibm:lotus_notesibm lotus noteseq5.0.1
ibm:lotus_notesibm lotus noteseq5.0.2
ibm:lotus_notesibm lotus noteseq5.0.3
ibm:lotus_notesibm lotus noteseq5.0.4
ibm:lotus_notesibm lotus noteseq5.0.5
ibm:lotus_notesibm lotus noteseq5.0.9a
ibm:lotus_notesibm lotus noteseq5.0.10

CPE	Name	Operator	Version
allume_systems_division:stuffit_expander	allume systems division stuffit expander	eq	6.5.2
ibm:lotus_notes	ibm lotus notes	le	4.5
ibm:lotus_notes	ibm lotus notes	eq	5.0
ibm:lotus_notes	ibm lotus notes	eq	5.0.1
ibm:lotus_notes	ibm lotus notes	eq	5.0.2
ibm:lotus_notes	ibm lotus notes	eq	5.0.3
ibm:lotus_notes	ibm lotus notes	eq	5.0.4
ibm:lotus_notes	ibm lotus notes	eq	5.0.5
ibm:lotus_notes	ibm lotus notes	eq	5.0.9a
ibm:lotus_notes	ibm lotus notes	eq	5.0.10