CVE-2024-29734

Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

CVE-2024-29734

Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

CVE-2024-29734

Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

CVE-2024-29734

Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

CVE-2024-29734

CVE-2024-29734 (SonicDICOM Media Viewer) involves an uncontrolled DLL search path element in SonicDICOM Media Viewer 2.3.2 and earlier. The root cause is a DLL search path issue (CWE-427) that may lead to insecure loading of Dynamic Link Libraries, allowing arbitrary code to execute with the priv...

PT-2024-22977 · Unknown · Sonicdicom Media Viewer

Name of the Vulnerable Software and Affected Versions: SonicDICOM Media Viewer versions 2.3.2 and earlier Description: An uncontrolled search path element issue exists, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of...

SonicDICOM Media Viewer may insecurely load Dynamic Link Libraries

Overview SonicDICOM Media Viewer provided by Fujidenolo Solutions Co., Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Taihei Shimamine of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to the developer and...

SonicDICOM Media Viewer 安全漏洞

SonicDICOM Media Viewer is a software for viewing medical image files from SonicDICOM, Inc. A security vulnerability exists in SonicDICOM Media Viewer 2.3.2 and prior versions, which stems from a contained DLL search path issue that could lead to unsafe loading of dynamic link libraries...

JVN#40367518: SonicDICOM Media Viewer may insecurely load Dynamic Link Libraries

SonicDICOM Media Viewer provided by Fujidenolo Solutions Co., Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privileges of the running application. Solution Update the Software...

SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit

Summary SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Description The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be...

SonicDICOM PACS 2.3.2 Multiple Stored Cross-Site Scripting Vulnerabilities

Summary SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Description The application suffers from multiple stored XSS vulnerabilities. Input passed to several API POST parameters is not properly sanitised before being returned to the...

SonicDICOM PACS 2.3.2 Remote Vertical Privilege Escalation Exploit

Summary SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Description The application suffers from a privilege escalation vulnerability. Normal user can elevate his/her privileges by sending a HTTP PATCH request seting the parameter...

Multiple Cross-Site Scripting Vulnerabilities in SonicDICOM PACS

SonicDICOM is a PACS software from JIUN Corporation that combines the functionality of DICOM with a web browser based on DICOM Viewer. SonicDICOM has multiple stored cross-site scripting vulnerabilities. The vulnerabilities stem from input passed to multiple API POST parameters failing to validat...

SonicDICOM PACS Elevation of Privilege Vulnerability

SonicDICOM is a PACS software from JIUN Corporation that combines the functionality of DICOM with a web browser based on DICOM Viewer. An elevation of privilege vulnerability exists in SonicDICOM. An ordinary user can exploit this vulnerability to gain administrator privileges to elevate privileg...

SonicDICOM PACS Cross-Site Request Forgery Vulnerability

SonicDICOM is a PACS software from JIUN Corporation that combines the functionality of DICOM with a web browser based on DICOM Viewer. A cross-site request forgery vulnerability exists in SonicDICOM. The application program interface allows a user to perform certain actions via an HTTP request...

SonicDICOM PACS 2.3.2 Remote Vertical Privilege Escalation

SonicDICOM PACS 2.3.2 Remote Vertical Privilege Escalation Exploit Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Desc:...

SonicDICOM PACS 2.3.2 Cross Site Request Forgery

SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Desc: The application...

SonicDICOM PACS 2.3.2 Remote Vertical Privilege Escalation Exploit

Exploit for windows platform in category web applications SonicDICOM PACS 2.3.2 Remote Vertical Privilege Escalation Exploit Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities ...

SonicDICOM PACS 2.3.2 Multiple Stored Cross-Site Scripting Vulnerabilities

Exploit for windows platform in category web applications SonicDICOM PACS 2.3.2 Multiple Stored Cross-Site Scripting Vulnerabilities Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the...

SonicDICOM PACS 2.3.2 Stored Cross Site Scripting

SonicDICOM PACS 2.3.2 Multiple Stored Cross-Site Scripting Vulnerabilities Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewe...