| عنوان | DCMTK v3.7.0+ DEV Heap-based Buffer Overflow |
|---|
| الوصف | A Remote Heap Buffer Overflow vulnerability has been identified in the DCMTK (dcmqrscp), specifically within the database management logic. This flaw could allow a remote attacker to corrupt heap memory, potentially leading to a Denial of Service (DoS) or Remote Code Execution (RCE) on the server.
This vulnerability was coordinated with OFFIS DCMTK and the fix has been commited in https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=0f78a4ef6f645ea5530166e445e5436a5de58e75. The advisory and OFFIS issue tracker entry (https://support.dcmtk.org/redmine/issues/1206) are intentionally not yet public and will be published once the CVE has been assigned. |
|---|
| المصدر | ⚠️ https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=0f78a4ef6f645ea5530166e445e5436a5de58e75 |
|---|
| المستخدم | dapickle (UID 97309) |
|---|
| ارسال | 06/05/2026 09:24 PM (1 شهر منذ) |
|---|
| الاعتدال | 30/05/2026 08:06 PM (24 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 367475 [OFFIS DCMTK 3.7.0 dcmqrscp dcmqrdbi.cc deleteOldestImages تلف الذاكرة] |
|---|
| النقاط | 17 |
|---|