CVE-2015-8979

Name of the Vulnerable Software and Affected Versions dcmtk versions 3.6.0 and earlier

Description The issue is related to a stack-based buffer overflow in the parsePresentationContext function in storescp. This can be exploited by remote attackers who send a long string to TCP port 4242, resulting in a denial of service, specifically a segmentation fault.

Recommendations For versions 3.6.0 and earlier, consider restricting access to TCP port 4242 to minimize the risk of exploitation until a fix is available. As a temporary workaround, limiting the length of strings processed by the parsePresentationContext function could help mitigate the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.