PT-2026-22044 · Nanazip · Nanazip
Ho-9
·
Publicado
2026-02-25
·
Atualizado
2026-02-26
·
CVE-2026-27710
CVSS v4.0
5.1
Média
| Vetor | AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
NanaZip versions 5.0.1252.0 through 6.0.1637.0
NanaZip versions 6.5.1637.0
Description
NanaZip contains a flaw in its
.NET Single File Application parser that can lead to a denial-of-service condition. A specially crafted archive can cause an integer underflow during header-size calculation, resulting in an attempt to allocate an unbounded amount of memory when the archive is opened.Recommendations
Update to NanaZip version 6.0.1638.0 or later.
Update to NanaZip version 6.5.1638.0 or later.
Exploit
Correção
DoS
Integer Underflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Nanazip