Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing BMP files. This could result in a write-what-where condition and an attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15696)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
任意地址可写任意内容条件
Vulnerability Title
Siemens Syngo FastView 安全漏洞
Vulnerability Description
Siemens Syngo FastView是德国西门子(Siemens)公司的一个 Dicom 交换媒体上提供的 Dicom 2图像的独立查看器。 Siemens Syngo FastView 存在安全漏洞,该漏洞源于受影响的应用程序在以下情况下缺乏对用户提供的数据的正确验证解析 DICOM 文件,这可能导致越界写入结束分配的结构。攻击者可以利用此漏洞在当前进程的上下文中执行代码。
CVSS Information
N/A
Vulnerability Type
N/A