Candidate: CVE-2009-3994
PublicDate: 2009-12-08 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3994
Description:
 Stack-based buffer overflow in the GetUID function in src-IL/src/il_dicom.c
 in DevIL 1.7.8 allows remote attackers to cause a denial of service
 (application crash) or execute arbitrary code via a crafted DICOM file.
Ubuntu-Description:
Notes:
 mdeslaur> vulnerable code isn't in 1.6.x
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_devil:
 upstream: http://sourceforge.net/tracker/download.php?group_id=4470&atid=304470&file_id=353841&aid=2908728
upstream_devil: released (1.7.8-6)
dapper_devil: ignored (reached end-of-life)
hardy_devil: not-affected (1.6.7-5.1)
intrepid_devil: needed (reached end-of-life)
jaunty_devil: ignored (reached end-of-life)
karmic_devil: ignored (reached end-of-life)
lucid_devil: not-affected (1.7.8-6)
maverick_devil: not-affected (1.7.8-6)
natty_devil: not-affected (1.7.8-6)
devel_devil: not-affected (1.7.8-6)