CVE-2023-5059: Santesoft Sante FFT Imaging Out-of-bounds Read
First published: Thu Oct 19 2023(Updated: )
Santesoft Sante FFT Imaging lacks proper validation of user-supplied data when parsing DICOM files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
Credit: ics-cert@hq.dhs.gov ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| <1.4.1 |
Remedy
Santesoft has released an updated version of their product and recommends users update to Sante FFT Imaging to v1.4.1 https://santesoft.com/win/sante-fft-imaging/download.html .
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of the Santesoft Sante FFT Imaging vulnerability?
The vulnerability ID of the Santesoft Sante FFT Imaging vulnerability is CVE-2023-5059.
What is the severity of CVE-2023-5059?
The severity of CVE-2023-5059 is high.
How does the Santesoft Sante FFT Imaging vulnerability occur?
The vulnerability occurs due to the lack of proper validation of user-supplied data when parsing DICOM files in Santesoft Sante FFT Imaging.
What is the impact of CVE-2023-5059?
The impact of CVE-2023-5059 is the potential execution of arbitrary code in the context of the current process.
How can I mitigate the Santesoft Sante FFT Imaging vulnerability?
To mitigate the vulnerability, users should update to version 1.4.2 or later of Santesoft Sante FFT Imaging.
- collector/nvd-index
- agent/author
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/references
- agent/remedy
- agent/weakness
- agent/description
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/santesoft
- canonical/santesoft fft imaging