CVE Vulnerabilities

CVE-2002-1139

Published: Oct 11, 2002 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a users system, aka Incorrect Target Path for Zipped File Decompression.

Affected Software

Name Vendor Start Version End Version
Windows_xp Microsoft * *
Windows_xp Microsoft * *
Windows_98_plus_pack Microsoft * *
Windows_xp Microsoft * *
Windows_me Microsoft * *

References