Defend what you create

Other Resources


My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


Name Length Field


Name Length Field is a vulnerability in Google Android that theoretically enables cybercriminals to modify the application’s program package by embedding malicious functionality without damaging the digital signature. Applications for Google Android are distributed as files with .APK extension that are basically ZIP archives containing all components required for the application’s functioning. The vulnerability is caused by the particular methods of the Android operating system’s processing of the APK files’ contents during the application’s installation.

Dr.Web anti-virus for Android detects and removes malicious programs that use the Name Length Field vulnerability just after the beginning of the installation process. Thus, Dr.Web users are effectively protected from such Trojans.

Technical details

Programs' installation packages for Google Android are files with the .APK extension, which, in fact, are common ZIP archives. Every application has its own digital signature. During the application’s installation process on the Android device, the APK archive’s contents are extracted and checked for compliance with the special list of archived files’ control sums.

To be able to use Name Length Field, it is necessary to implement certain changes into the structure of the program package. Moreover, the package should contain two files with the same name — an original file and a modified one. During such application’s installation, the original file is read by one of the Android’s operating system components. However, another component processes only the modified file, which is considered by the system the legit one.

See also information about other vulnerabilities

The Russian developer of Dr.Web anti-viruses
Doctor Web has been developing anti-virus software since 1992
Dr.Web is trusted by users around the world in 200+ countries
The company has delivered an anti-virus as a service since 2007
24/7 tech support

Dr.Web © Doctor Web
2003 — 2021

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125124