An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
References
Link | Resource |
---|---|
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=03e851b0586d05057c3268988e180ffb426b2e03 | Patch |
https://talosintelligence.com/vulnerability_reports/TALOS-2024-2121 | Exploit Third Party Advisory |
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2121 | Exploit Third Party Advisory |
Configurations
History
24 Jun 2025, 13:44
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:offis:dcmtk:3.6.8:*:*:*:*:*:*:* | |
First Time |
Offis
Offis dcmtk |
|
References | () https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=03e851b0586d05057c3268988e180ffb426b2e03 - Patch | |
References | () https://talosintelligence.com/vulnerability_reports/TALOS-2024-2121 - Exploit, Third Party Advisory | |
References | () https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2121 - Exploit, Third Party Advisory | |
Summary |
|
13 Jan 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Jan 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-01-13 15:15
Updated : 2025-06-24 13:44
NVD link : CVE-2024-52333
Mitre link : CVE-2024-52333
CVE.ORG link : CVE-2024-52333
JSON object : View
Products Affected
offis
- dcmtk
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer