Title: Unchecked Buffer in File Decompression Functions Could
Lead to Code Execution (Q329048)
Date: 02 October 2002
Software: Microsoft Windows 98 with Plus! Pack, Windows Me,
or Windows XP
Impact: Two vulnerabilities, the most serious of which could
run code of attacker?s choice
Max Risk: Moderate
Bulletin: MS02-054
Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS02-054.asp.
Zipped files (files having a .zip extension) provide a means to
store information in a way that uses less space on a hard disk. This
is accomplished by compressing the files that are put into in the
zipped file. On Windows 98 with Plus! Pack, Windows Me and Windows
XP, the Compressed Folders feature allows zipped files to be treated
as folders. The Compressed Folders feature can be used to create,
add files to, and extract files from zipped files.
Two vulnerabilities exist in the Compressed Folders function:
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS
ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY
DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,
CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF
MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION
OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES
SO THE FOREGOING LIMITATION MAY NOT APPLY.