VULHUB ™

Microsoft Windows 98 with Plus! Pack, Windows ME, and Windows XP are all prone to multiple vulnerabilities related to the Compressed Folders feature. The Compressed Folders feature allows zipped archives to be treated as folders. The first issue is a buffer overflow that may be trigged by a malformed filename when a file is being decompressed from a zipped archive. The vulnerability may be exploited to execute arbitrary code as the user decompressing the archive containing the maliciously named file. The second issue may allow an attacker to specify a hostile path for files when a zipped archive is decompressed. A flaw in the decompression function may allow an attacker to cause a file to be decompressed in a directory that is neither the user-specified directory or a child of the user-specified directory. Exploitation of both these issues still requires user interaction, as the victim of the attacker may still decompress a malicious zipped file.

Microsoft Windows 98 with Plus! Pack, Windows ME, and Windows XP are all prone to multiple vulnerabilities related to the Compressed Folders feature. The Compressed Folders feature allows zipped archives to be treated as folders. The first issue is a buffer overflow that may be trigged by a malformed filename when a file is being decompressed from a zipped archive. The vulnerability may be exploited to execute arbitrary code as the user decompressing the archive containing the maliciously named file. The second issue may allow an attacker to specify a hostile path for files when a zipped archive is decompressed. A flaw in the decompression function may allow an attacker to cause a file to be decompressed in a directory that is neither the user-specified directory or a child of the user-specified directory. Exploitation of both these issues still requires user interaction, as the victim of the attacker may still decompress a malicious zipped file.