← Back

CVE-2025-25472

nvd nist
Published: Feb 18, 2025Modified: Nov 4, 2025

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file.

Affected (2)

Offis
1 product
Dcmtk
Debian
1 product
Debian Linux
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Dcmtk
Version 3.6.9
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 11.0

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

Source: cve@mitre.org
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory

Timeline

No history available yet.