| 제목 | DCMTK 3.7.0 and below Heap-based Buffer Overflow |
|---|
| 설명 | A heap buffer overflow exists in XMLNode::parseFile() in ofstd/libsrc/ofxml.cc. When the function is called with a FIFO (named pipe) as input — which is a supported and documented use case via cda2dcm — the ftell() call returns -1 to signal an error. The code does not check for this error condition (it only checks for l == 0), causing malloc(3) to be called followed by fread() with a size_t-casted -1 value, resulting in an attempt to read up to SIZE_MAX bytes into a 3-byte heap buffer.
CWE: CWE-122 (Heap-based Buffer Overflow)
CVSS (estimated): 8.1 HIGH — AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|---|
| 원천 | ⚠️ https://medium.com/@faboherrera.fabo/dcmtk-vulnerability-report-201afc687790 |
|---|
| 사용자 | FaboHerrrera (UID 98477) |
|---|
| 제출 | 2026. 05. 23. PM 11:44 (29 날 ago) |
|---|
| 모더레이션 | 2026. 06. 21. AM 06:12 (28 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 372599 [OFFIS DCMTK 까지 3.7.0 ofstd/libsrc/ofxml.cc XMLNode::parseFile 메모리 손상] |
|---|
| 포인트들 | 20 |
|---|