← Volver a CVEs
CVE-2024-23914
MEDIUM5.7
Descripcion
Use of Externally-Controlled Format String vulnerability in Merge DICOM Toolkit C/C++ on Windows. When MC_Open_Association() function is used to open DICOM Association and gets DICOM Application Context Name with illegal characters, it might result in an unhandled exception.
Detalles CVE
Puntuacion CVSS v3.15.7
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Vector de ataqueADJACENT_NETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado5/3/2024
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-134
Referencias
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-23914(prodsec@nozominetworks.com)
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-23914(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.