CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Feb 2025 — MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middle (MITM) attack. This allows the attackers to modify the server's response and deliver a malicious update to the user. • https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-037-01 • CWE-295: Improper Certificate Validation

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

11 Jun 2024 — An attacker could retrieve sensitive files (medical images) as well as plant new medical images or overwrite existing medical images on a MicroDicom DICOM Viewer system. User interaction is required to exploit this vulnerability. • https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-163-01 • CWE-939: Improper Authorization in Handler for Custom URL Scheme

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

11 Jun 2024 — MicroDicom DICOM Viewer is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit this vulnerability. • https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-163-01 • CWE-121: Stack-based Buffer Overflow

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

01 Mar 2024 — MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior contain a lack of proper validation of user-supplied data, which could result in memory corruption within the application. • https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-060-01 • CWE-787: Out-of-bounds Write

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

01 Mar 2024 — MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior are affected by a heap-based buffer overflow vulnerability, which could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. A user must open a malicious DCM file in order to exploit the vulnerability. • https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-060-01 • CWE-122: Heap-based Buffer Overflow