#44 PATCH: DevIL CVE-2009-3994 DICOM image processing flaw

closed-accepted
None
5
2014-07-16
2009-12-04
No

Stefan Cornelius of Secunia Research found an insufficient
input sanitation in the way DevIL image library used to process
Digital Imaging and Communications in Medicine (DICOM) images.
If a remote attacker could trick a local user to process
a specially-crafted DICOM image in an application, using
the DevIL image processing library, it could lead to
stack-based buffer overflow and denial of service (application
crash).

The attached patch fixes this.

Regards,

Hans de Goede (Fedora DevIl package maintainer)

Discussion

  • Matěj Týč

    Matěj Týč - 2010-01-28
    • assigned_to: nobody --> bubla
    • status: open --> closed-accepted
     
  • Matěj Týč

    Matěj Týč - 2010-01-28

    Thank you, the patch has been committed to the developement branch

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks