Podatność CVE-2024-28130


Publikacja: 2024-04-23

Opis:
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Typ:

CWE-704

(Incorrect Type Conversion or Cast)

 Referencje:
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957

Copyright 2024, cxsecurity.com

 

Back to Top