Microsoft warns that two vulnerabilities exist in the compressed folders function for Windows 98 with Plus! Pack, Windows Me and Windows XP.
The first is an unchecked buffer in the program that handles the decompressing of files from a zipped file. A security vulnerability results because an attempt to open a file with a specially malformed filename contained in a zipped file could result in Windows Explorer failing, or in code of the attacker's choice being run.
The second is that the decompression function could place a file from a zip file in a directory other than the one specified by the user. This could allow an attacker to put a file in a known location on the user's system, such as placing a program in a startup directory.
For more, see the Microsoft Web site.
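The second flaw belongs to a class that an extraction tool can guard against by resolving every entry name against the directory the user chose before writing anything. The following is an added example, not Microsoft's code and not taken from the advisory: the advisory text above does not say how the misplaced entry is encoded, so the check covers the general cases (parent-directory references, absolute paths, drive prefixes), and the function names, the `/extract/here` destination and the sample entry names are all constructed for illustration.

```python
import io
import ntpath
import posixpath
import zipfile

# Constructed sample entry names: two that stay inside the destination,
# four that would resolve outside it.
SAMPLE_NAMES = [
    "docs/readme.txt",
    "docs/../notes.txt",
    "../outside.txt",
    "..\\..\\outside.txt",
    "C:\\temp\\outside.txt",
    "/abs/outside.txt",
]


def escapes_destination(entry_name: str, dest: str = "/extract/here") -> bool:
    """Return True if writing entry_name under dest would land outside dest."""
    # Archives built on Windows may use backslashes; treat both separators alike.
    name = entry_name.replace("\\", "/")
    drive, _ = ntpath.splitdrive(name)
    if drive or name.startswith("/"):
        return True  # drive letter, UNC or absolute path ignores dest entirely
    dest = posixpath.normpath(dest)
    target = posixpath.normpath(posixpath.join(dest, name))
    # After ".." segments are collapsed, dest must still be a prefix of target.
    return posixpath.commonpath([dest, target]) != dest


def audit_archive(zip_bytes: bytes, dest: str = "/extract/here") -> list[str]:
    """List the entry names in a zip that must not be extracted as named."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [n for n in zf.namelist() if escapes_destination(n, dest)]


def build_sample() -> bytes:
    """Build an in-memory zip holding the constructed sample names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in SAMPLE_NAMES:
            zf.writestr(zipfile.ZipInfo(name), b"constructed sample data")
    return buf.getvalue()


if __name__ == "__main__":
    for rejected in audit_archive(build_sample()):
        print("refuse to extract:", rejected)
```

An extractor that applies this check rejects or renames the flagged entries instead of trusting the stored name.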