all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-23-856: Sante DICOM Viewer Pro JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Add to bookmarks
June 8, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

arbitrary code attackers code code execution dicom exploit file malicious out-of-bounds out-of-bounds write page parsing pro remote code remote code execution target viewer vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-439: Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability 2 days, 4 hours ago | www.zerodayinitiative.com
arbitrary code attackers bluetooth code +20
ZDI-24-438: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 2 days, 4 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-437: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability 2 days, 4 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +15
ZDI-24-436: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 2 days, 4 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-435: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability 2 days, 4 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +15
ZDI-24-434: Dassault Systèmes eDrawings Viewer SAT File Parsing Uninitialized Variable Remote Code Execution Vulnerability 2 days, 4 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-433: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 2 days, 4 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-432: Dassault Systèmes eDrawings Viewer JT File Parsing Memory Corruption Remote Code Execution Vulnerability 2 days, 4 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +17
ZDI-24-431: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 2 days, 4 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Application Security Assurance Associate

@ DTCC | Tampa, FL, United States
View on infosec-jobs.com

Threat Hunter II

@ Microsoft | Hyderabad, Telangana, India
View on infosec-jobs.com

Staff Cyber Security Engineer (Application Security, Emerging Platforms)

@ NBCUniversal | Englewood Cliffs, NEW JERSEY, United States
View on infosec-jobs.com

Cyber Security Senior Cyber Security Engineer

@ Sopra Steria | Noida, Uttar Pradesh, India
View on infosec-jobs.com

Data Protection and Privacy Manager

@ Future PLC | London, England, United Kingdom
View on infosec-jobs.com

RSOC Manager

@ The University of Texas at Austin | AUSTIN, TX
View on infosec-jobs.com
View more jobs