Kendrickzou

**Name of the Vulnerable Software and Affected Versions** OFFIS DCMTK versions up to 3.6.9 **Description** A flaw exists in the DCMTK library, specifically within the `DcmQueryRetrieveIndexDatabaseHandle::startFindRequest` and `DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest` functions located in the `dcmqrdb/libsrc/dcmqrdbi.cc` file of the `dcmqrscp` component. This manipulation can lead to a null pointer dereference. Local access is required for exploitation. **Recommendations** Upgrade to version 3.7.0 to resolve this issue.

**Name of the Vulnerable Software and Affected Versions** OFFIS DCMTK versions prior to 3.7.0 **Description** A flaw exists in the `DcmByteString::makeDicomByteString` function within the `dcmdata/libsrc/dcbytstr.cc` file of the `dcmdata` component. This manipulation can lead to memory corruption and can be exploited remotely. **Recommendations** Upgrade to version 3.7.0 to resolve this issue.