Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DCMTK dcmqrscp parseQuota stack-based overflow
Vulnerability Description
A security vulnerability has been detected in DCMTK up to 3.6.5. The affected element is the function parseQuota of the component dcmqrscp. The manipulation of the argument StorageQuota leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. Upgrading to version 3.6.6 is sufficient to fix this issue. The identifier of the patch is 0fef9f02e. It is recommended to upgrade the affected component.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
DCMTK 安全漏洞
Vulnerability Description
DCMTK是DCMTK开源的一个实现大部分 DICOM 标准的库和应用程序的集合。用于检查、构建和转换 DICOM 图像文件、处理离线媒体、通过网络连接发送和接收图像的软件,以及演示图像存储和工作列表服务器。 DCMTK 3.6.5及之前版本存在安全漏洞,该漏洞源于对组件dcmqrscp中函数parseQuota的参数StorageQuota的错误操作,可能导致栈缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A