CVE-2002-1139

The CVE-2002-1139 issue affects Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP under the Compressed Folders feature. The root cause is that the destination folder is not properly validated during ZIP decompression, allowing an attacker to place an executable in a known location ...

CVE-2002-0759

CVE-2002-0759 affects bzip2 prior to 1.0.2, notably in FreeBSD 4.5 and earlier and OpenLinux 3.1/3.1.1. The issue is that bzip2 does not use the O_EXCL flag to create files during decompression and does not warn if an existing file would be overwritten. This could allow an attacker to overwrite f...

CVE-2002-0760

CVE-2002-0760 describes a race condition in bzip2 prior to 1.0.2 across FreeBSD 4.5 and earlier, and OpenLinux 3.1/3.1.1, where files are decompressed with world-readable permissions before being reset to the permissions specified in the archive, potentially allowing local users to read files dur...

CVE-2002-0059

CVE-2002-0059: The decompression algorithm in zlib 1.1.3 and earlier can cause inflateEnd to free memory more than once (a double free), enabling memory corruption that may allow arbitrary code execution via malformed compression data. Affected: zlib up to version 1.1.3 and earlier. Root cause: d...