CVSS: 7.1EPSS: 19%CPEs: 5EXPL: 0CVE-2002-1139
https://notcve.org/view.php?id=CVE-2002-1139
11 Oct 2002 — The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target Path for Zipped File Decompression." La característica de Carpetas Comprimidas en Microsoft Windows 98 con el paquete Plus!, Windows Me, y Windows XP no comprueba adecuadamente la carpeta de destino durante la desc... • http://www.iss.net/security_center/static/10252.php •
CVSS: 8.4EPSS: 30%CPEs: 20EXPL: 0CVE-2002-0370
https://notcve.org/view.php?id=CVE-2002-0370
05 Oct 2002 — Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecu... • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html •