121 matches found
CVE-2024-47796
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
UBUNTU-CVE-2024-47796
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-52333
An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-52333
CVE-2024-52333 affects OFFIS DCMTK 3.6.8, with an out-of-bounds write caused by improper array index validation in the determineMinMax functionality. A specially crafted DICOM file can trigger this vulnerability. The issue is documented across multiple advisories (notably openSUSE/SUSE patching t...
CVE-2024-52333
An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-47796
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-52333
An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-47796
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-47796
CVE-2024-47796 is an out-of-bounds write in OFFIS DCMTK 3.6.8’s nowindow functionality caused by improper array index validation when parsing a crafted DICOM file. A malicious file can trigger this vulnerability, with local attack vector and high impact on confidentiality, integrity, and availabi...
CVE-2024-47796
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
OFFIS DCMTK 安全漏洞
OFFIS DCMTK is a collection of libraries and applications that implement most of the DICOM standards from OFFIS Germany. Software for inspecting, building and converting DICOM image files, processing offline media, sending and receiving images over a network connection, as well as a demo image...
OFFIS DCMTK nowindow improper array index validation vulnerability
Talos Vulnerability Report TALOS-2024-2122 OFFIS DCMTK nowindow improper array index validation vulnerability January 13, 2025 CVE Number CVE-2024-47796 SUMMARY An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM fi...
PT-2025-2931
Name of the Vulnerable Software and Affected Versions OFFIS DCMTK version 3.6.8 Description An improper array index validation issue exists in the determineMinMax functionality. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger...
PT-2025-2776
Name of the Vulnerable Software and Affected Versions: OFFIS DCMTK version 3.6.8 Description: An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a maliciou...
openSUSE 15 Security Update : dcmtk (openSUSE-SU-2024:0113-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0113-1 advisory. - An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOIPList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted...
CVE-2024-28130
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOIPList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-28130
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOIPList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
UBUNTU-CVE-2024-28130
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOIPList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-28130
CVE-2024-28130 affects OFFIS DCMTK 3.6.8 (DVPSSoftcopyVOI_PList::createFromImage) with a malformed file enabling arbitrary code execution. Public references in Debian (DCMTK 3.6.5-1+deb11u1 fix), Ubuntu security advisory USN-7010-1, and Fedora dcmtk 3.6.9-2.fc42 indicate multiple distributions ha...
CVE-2024-28130
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOIPList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...