CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Offis: >> Dcmtk >> 3.6.0 Security Vulnerabilities

CVE-2013-6825

(1) movescu.cc and (2) storescp.cc in dcmnet/apps/, (3) dcmnet/libsrc/scp.cc, (4) dcmwlm/libsrc/wlmactmg.cc, (5) dcmprscp.cc and (6) dcmpsrcv.cc in dcmpstat/apps/, (7) dcmpstat/tests/msgserv.cc, and (8) dcmqrdb/apps/dcmqrscp.cc in DCMTK 3.6.1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by creating a large number of processes.

CVSS Score

7.2

EPSS Score

0.001

Published

2014-06-10

Page 2

Vulnerabilities

Vulnerable Software

Offis: >> Dcmtk >> 3.6.0 Security Vulnerabilities

Products

Pricing

Contact Us