Stelios Tsampas

**Name of the Vulnerable Software and Affected Versions** Kamailio versions prior to 4.3.5 **Description** The issue is related to a heap-based buffer overflow in the `encode msg` function, located in the `encode msg.c` file of the SEAS module. This overflow can be triggered by a large SIP packet, allowing remote attackers to cause a denial of service, which includes memory corruption and process crash, or possibly execute arbitrary code. **Recommendations** For versions prior to 4.3.5, update to version 4.3.5 or later to resolve the issue. As a temporary workaround, consider restricting the size of incoming SIP packets to prevent exploitation of the `encode msg` function in the SEAS module.

**Name of the Vulnerable Software and Affected Versions** Grassroots DICOM (aka GDCM) versions prior to 2.6.2 **Description** The issue is related to an integer overflow in the ImageRegionReader::ReadIntoBuffer function, which can be triggered by crafted header dimensions in a DICOM image file. This can lead to a buffer overflow, potentially allowing attackers to execute arbitrary code. **Recommendations** For versions prior to 2.6.2, update to version 2.6.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the ImageRegionReader::ReadIntoBuffer function until a patch is available. Avoid processing untrusted or crafted DICOM image files with vulnerable versions of the software.

**Name of the Vulnerable Software and Affected Versions** Grassroots DICOM versions prior to 2.6.2 **Description** The issue allows remote attackers to obtain sensitive information from process memory or cause a denial of service via an embedded JPEG-LS image with dimensions larger than the selected region in a DICOM image file, triggering an out-of-bounds read. **Recommendations** For versions prior to 2.6.2, update to version 2.6.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the JPEGLSCodec::DecodeExtent function until a patch is available.