Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
NanaZip .NET Single-File Parser Integer Underflow Leads to Unbounded Allocation (DoS)
Vulnerability Description
NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, a denial-of-service vulnerability exists in NanaZip’s `.NET Single File Application` parser. A crafted bundle can force an integer underflow in header-size calculation and trigger an unbounded memory allocation attempt during archive open. Versions 6.0.1638.0 and 6.5.1638.0 fix the issue.
CVSS Information
N/A
Vulnerability Type
整数下溢(超界折返)
Vulnerability Title
NanaZip 安全漏洞
Vulnerability Description
NanaZip是M2-Team开源的一个压缩软件。 NanaZip 5.0.1252.0版本至6.0.1638.0之前版本和6.5.1638.0之前版本存在安全漏洞,该漏洞源于.NET Single File Application解析器在头大小计算中存在整数下溢,可能触发无限制内存分配尝试,导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A