dcmtk vulnerabilities and exploits

(subscribe to this query)

(1) movescu.cc and (2) storescp.cc in dcmnet/apps/, (3) dcmnet/libsrc/scp.cc, (4) dcmwlm/libsrc/wlmactmg.cc, (5) dcmprscp.cc and (6) dcmpsrcv.cc in dcmpstat/apps/, (7) dcmpstat/tests/msgserv.cc, and (8) dcmqrdb/apps/dcmqrscp.cc in DCMTK 3.6.1 and previous versions does not check ...

Offis Dcmtk Offis Dcmtk 3.5.1 Offis Dcmtk 3.5.2 Offis Dcmtk 3.5.2a Offis Dcmtk 3.5.3 Offis Dcmtk 3.5.4 Offis Dcmtk 3.6.0

DCMTK up to and including 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS atta...

DCMTK up to and including 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack.

OFFIS DCMTK's (All versions before 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an malicious user to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.

OFFIS DCMTK's (All versions before 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition.

DCMTK up to and including 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack...

DCMTK up to and including 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can u...

OFFIS DCMTK's (All versions before 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an malicious user to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.

DCMTK v3.6.7 exists to contain a memory leak via the T_ASC_Association object.

Offis Dcmtk 3.6.7

Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and previous versions allows remote malicious users to cause a denial of service (segmentation fault) via a long string sent to TCP port 4242.

Debian Debian Linux 8.0 Dicom Dcmtk

1 2 3 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook