CVE Details
Basic Information
| Title | CVE-2025-3484 |
|---|---|
| Type | cve |
| Published | 2025-05-22T01:15:53 |
| Last Seen | 2025-05-22T01:26:09 |
CVSS Information
| Base Score | 9.8 (CRITICAL) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |
AI Analysis
| AI Description | The vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server without authentication. The issue is due to a stack-based buffer overflow when parsing DICOM files, which can be exploited by a remote attacker to execute arbitrary code. |
|---|---|
| AI Severity | Critical |
| Vendor | MedDream |
| Product | MedDream PACS Server |
| Affected Version |
Additional Information
| CVE List | CVE-2025-3484 |
|---|---|
| CWE List | CWE-121 |
| Bulletin Family | cve |
Description
MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not…
CVSS Score Summary
Base Score: %!f(string=#) (CRITICAL)