← Voltar para CVEs
CVE-2024-23914
MEDIUM5.7
Descricao
Use of Externally-Controlled Format String vulnerability in Merge DICOM Toolkit C/C++ on Windows. When MC_Open_Association() function is used to open DICOM Association and gets DICOM Application Context Name with illegal characters, it might result in an unhandled exception.
Detalhes CVE
Pontuacao CVSS v3.15.7
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Vetor de ataqueADJACENT_NETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado5/3/2024
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-134
Referencias
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-23914(prodsec@nozominetworks.com)
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-23914(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.