CVE-2009-3994

EPSS 16.9%

Published: 12/8/2009Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-3994

Description

Stack-based buffer overflow in the GetUID function in src-IL/src/il_dicom.c in DevIL 1.7.8 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted DICOM file.

Affected packages (1)

Debian/devilfrom 0, < 1.7.8-6

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-3994