CVE-2024-29734

2024-04-0307:11:05

jpcert

www.cve.org

uncontrolled search path

sonicdicom

media viewer

insecure loading

dynamic link libraries

arbitrary code

privileges

cve-2024-29734

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application.

CNA Affected

[
  {
    "vendor": "Fujidenolo Solutions Co., Ltd.",
    "product": "SonicDICOM Media Viewer",
    "versions": [
      {
        "version": "2.3.2 and earlier",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN40367518/