Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow.

Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code.

The following Santesoft products are affected:

- Sante DICOM Viewer Pro: v12.2.4 and prior.

This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

CVE-2023-39431 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

3.2.2 STACK-BASED BUFFER OVERFLOW CWE-121

Sante DICOM Viewer Pro lacks proper validation of user-supplied data when parsing DICOM files. This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

CVE-2023-35986 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

CRITICAL INFRASTRUCTURE SECTORS: Healthcare and Public Health.

Michael Heinzl reported these vulnerabilities to CISA.

Santesoft released an updated version of their product and recommends updating Sante DICOM Viewer Pro to v12.2.6.

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

- Do not click web links or open attachments in unsolicited email messages.
- Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
- Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities.
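The advisory attributes the flaws to missing validation of user-supplied data when parsing DICOM files. The following is an added example, not Santesoft's code and not a reconstruction of the reported bugs: it shows the checks a parser needs before copying an explicit-VR little-endian data element's value into a fixed-size buffer. The function name, buffer sizes and sample bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Little-endian readers. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* VRs whose header is 2 reserved bytes plus a 32-bit length (others: 16-bit). */
static int long_vr(const uint8_t *vr) {
    static const char *const tbl[] = { "OB", "OD", "OF", "OL", "OV", "OW", "SQ",
                                       "SV", "UC", "UN", "UR", "UT", "UV" };
    for (size_t i = 0; i < sizeof tbl / sizeof tbl[0]; i++)
        if (memcmp(vr, tbl[i], 2) == 0) return 1;
    return 0;
}

/* Copy one explicit-VR element's value from buf[0..len) into out[0..cap) as a
 * NUL-terminated string. Returns the value length, or -1 if rejected. */
long read_element_value(const uint8_t *buf, size_t len, char *out, size_t cap) {
    size_t hdr = 8;                       /* tag(4) + VR(2) + length(2) */
    uint32_t vlen;
    if (cap == 0 || len < hdr) return -1;
    if (long_vr(buf + 4)) {
        hdr = 12;                         /* tag(4) + VR(2) + reserved(2) + length(4) */
        if (len < hdr) return -1;
        vlen = rd32(buf + 8);
    } else {
        vlen = rd16(buf + 6);
    }
    if (vlen == 0xFFFFFFFFu) return -1;   /* undefined length: not a flat value */
    if (vlen > len - hdr) return -1;      /* declared length exceeds the input */
    if (vlen >= cap) return -1;           /* value plus NUL would not fit in out */
    memcpy(out, buf + hdr, vlen);
    out[vlen] = '\0';
    return (long)vlen;
}

/* Constructed samples: (0010,0010) PN elements, explicit VR little endian. */
const uint8_t ok_elem[] = { 0x10, 0x00, 0x10, 0x00, 'P', 'N', 0x08, 0x00,
                            'D', 'O', 'E', '^', 'J', 'O', 'H', 'N' };
const uint8_t bad_elem[] = { 0x10, 0x00, 0x10, 0x00, 'P', 'N', 0xFF, 0xFF, 'A', 'B' };
char name_buf[16];

int main(void) {
    printf("ok=%ld ", read_element_value(ok_elem, sizeof ok_elem, name_buf, sizeof name_buf));
    printf("bad=%ld\n", read_element_value(bad_elem, sizeof bad_elem, name_buf, sizeof name_buf));
    return 0;
}
```

The length field comes from the file, so it is compared against both the bytes actually present and the destination capacity before any copy takes place.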