CVE-2020-36855 | DCMTK up to 3.6.5 dcmqrscp parseQuota StorageQuota stack-based overflow (ID 1026 / 0fef9f02e)

Inserito da Angelo Barbosa | Ott 19, 2025 | CVE

A vulnerability classified as critical has been found in DCMTK up to 3.6.5. The affected element is the function parseQuota of the component dcmqrscp. The manipulation of the argument StorageQuota leads to stack-based buffer overflow.

This vulnerability is uniquely identified as CVE-2020-36855. Local access is required to approach this attack. Moreover, an exploit is present.

It is recommended to upgrade the affected component.

CVE-2020-36855 | DCMTK up to 3.6.5 dcmqrscp parseQuota StorageQuota stack-based overflow (ID 1026 / 0fef9f02e)

Post correlati

CVE-2024-34129 | Adobe Acrobat Mobile Sign up to 24.4.2.33155 on Android path traversal (apsb24-50)

CVE-2024-20528 | Cisco Identity Services Engine Software up to 3.3.0 API path traversal (cisco-sa-ise-multi-vuln-DBQdWRy)

CVE-2024-45276 | MB Connect Line mbNET.mini up to 2.2.13 /tmp file access (VDE-2024-056)

CVE-2024-23180 | appleple A-Blog CMS up to 2.8.x/2.10.49/2.11.57/3.0.28/3.1.6 SVG File input validation