Abstract
A bug in DCMTK for versions prior to 3.6.1 has been found. The bug is caused by not checking the return value of setuid() call. The process must not continue its normal execution when this call fails (return an error) to drop privileges.
Original language | English |
---|---|
Type | CVE-2013-6825 |
Publisher | http://hmarco.org |
Publication status | Published - 25 Mar 2014 |