CVE-2002-1139

N/A

Description

The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target Path for Zipped File Decompression."

CVE Details

CVSS v3.1 ScoreN/A

Published10/11/2002

Last Modified4/16/2026

Sourcenvd

Honeypot Sightings0

Affected Products

microsoft:windows_98_plus_packmicrosoft:windows_memicrosoft:windows_xp

References

http://www.iss.net/security_center/static/10252.php(cve@mitre.org)

http://www.securityfocus.com/bid/5876(cve@mitre.org)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054(cve@mitre.org)

http://www.iss.net/security_center/static/10252.php(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/5876(af854a3a-2127-422b-91ae-364da2661108)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.