CVE-2002-1139

Sažetak

The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target Path for Zipped File Decompression."

Reference

http://www.iss.net/security_center/static/10252.php
http://www.securityfocus.com/bid/5876
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

12-10-2018 - 21:31

Objavljeno

11-10-2002 - 04:00