External Format String Vulnerability Affects Merge DICOM Toolkit on Windows
CVE-2024-23914

Currently unrated

Key Information:

Vendor

Merge DICOM Toolkit

Vendor
CVE Published:
3 May 2024

What is CVE-2024-23914?

Use of Externally-Controlled Format String vulnerability in Merge DICOM Toolkit C/C++ on Windows.

When MC_Open_Association() function is used to open DICOM Association and gets DICOM Application Context Name with illegal characters, it might result in an unhandled exception.

References

https://www.nozominetworks.com/labs/vulnerability-advisor...

Timeline

  • Vulnerability published

.