CVE-2024-23913: Use of Out-of-range Pointer Offset vulnerability in Merge DICOM Toolkit C/C++ on Windows. When deprecated MC_XML_To_Message() function is used to...
4.0
CVSS
Description
Use of Out-of-range Pointer Offset vulnerability in Merge DICOM Toolkit C/C++ on Windows.
When deprecated MC_XML_To_Message() function is used to read a malformed DICOM XML file, it might result in memory access violation.
Classification
CVE ID: CVE-2024-23913
CVSS Base Severity: MEDIUM
CVSS Base Score: 4.0
Affected Products
Vendor: Merative
Product: Merge DICOM Toolkit C/C++
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.44% (scored less or equal to compared to others)
EPSS Date: 2025-02-03 (when was this score calculated)