Lucene search

[email protected]CVE-2009-3994

HistoryDec 08, 2009 - 5:30 p.m.

CVE-2009-3994

2009-12-0817:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-3994

buffer overflow

getuid function

devil

dicom

denial of service

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.041 Low

EPSS

Percentile

92.2%

JSON

Stack-based buffer overflow in the GetUID function in src-IL/src/il_dicom.c in DevIL 1.7.8 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted DICOM file.

Affected configurations

NVD

Node

denton_woodsdevilMatch1.7.8

CPENameOperatorVersion
denton_woods:devildenton woods devileq1.7.8

CPE	Name	Operator	Version
denton_woods:devil	denton woods devil	eq	1.7.8

References

lists.fedoraproject.org/pipermail/package-announce/2010-January/033806.html

lists.fedoraproject.org/pipermail/package-announce/2010-January/033809.html

secunia.com/advisories/37507

secunia.com/advisories/37955

secunia.com/secunia_research/2009-51/

sourceforge.net/tracker/?func=detail&aid=2908728&group_id=4470&atid=304470

sourceforge.net/tracker/download.php?group_id=4470&atid=304470&file_id=353841&aid=2908728

www.securityfocus.com/archive/1/508217/100/0/threaded

www.securityfocus.com/bid/37207

exchange.xforce.ibmcloud.com/vulnerabilities/54547

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.041 Low

EPSS

Percentile

92.2%

JSON

Related for CVE-2009-3994

fedora2 nvd1 debiancve1 openvas4 ubuntucve1 cvelist1 securityvulns1 nessus2 prion1