Daniel Berredo

**Name of the Vulnerable Software and Affected Versions** DCMTK version 3.6.8 **Description** The issue is related to a buffer overflow vulnerability in the EctEnhancedCT method component of the DCMTK library, which is used for working with the DICOM format. This vulnerability is associated with the copying of a buffer without checking the input data. Exploitation of this vulnerability may allow a remote attacker to gain unauthorized access to protected information. The vulnerability allows an attacker to execute arbitrary code. **Recommendations** For DCMTK version 3.6.8, consider disabling the EctEnhancedCT method component as a temporary workaround until a patch is available. Restrict access to the DCMTK library to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.