CVE-2024-47796

An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

CVSS v3 8.4 HIGH

8.4^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.5 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=89a6e399f1e17d08a8bc8cdaa05b2ac9a50cd4f6	Patch
https://talosintelligence.com/vulnerability_reports/TALOS-2024-2122	Exploit Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html
https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2122	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:offis:dcmtk:3.6.8:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-01-13 15:15

Updated : 2025-11-03 21:16

NVD link : CVE-2024-47796

Mitre link : CVE-2024-47796

CVE.ORG link : CVE-2024-47796

JSON object : View

Products Affected

offis

dcmtk

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2024-47796", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-01-13T15:15:08.540", "references": [{"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=89a6e399f1e17d08a8bc8cdaa05b2ac9a50cd4f6", "tags": ["Patch"], "source": "talos-cna@cisco.com"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2122", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2122", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de validaci\u00f3n incorrecta del \u00edndice de matriz en la funcionalidad nowindow de OFFIS DCMTK 3.6.8. Un archivo DICOM manipulado especialmente puede provocar una escritura fuera de los l\u00edmites. Un atacante puede proporcionar un archivo malicioso para activar esta vulnerabilidad."}], "lastModified": "2025-11-03T21:16:30.400", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:offis:dcmtk:3.6.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4A80B78-3210-466A-B051-3516CBDD6B84"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}