CVE-2002-0370

CVE Database · CVE-2002-0370

CVE-2002-0370

· N/AModified

CVSS v3.1

N/A

EPSS

43.30%

Published

Oct 10, 2002

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.

Affected Products (20)

allume_systems_division · stuffit_expandervulnerable

ibm · lotus_notesvulnerable

References (18)

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html

http://marc.info/?l=bugtraq&m=103428193409223&w=2

http://securityreason.com/securityalert/587

http://www.info-zip.org/FAQ.html

http://www.info.apple.com/usen/security/security_updates.html

http://www.iss.net/security_center/static/10251.php

Vendor Advisory

http://www.kb.cert.org/vuls/id/383779

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/5873

PatchVendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054

KEV Catalog EPSS Scores Vendors All CVEs