Release date: March 1, 2024
Background
CVE-2024-25386 was posted to CVE.org by an independent submission to Mitre on March 1, 2024.
URL: https://www.cve.org/CVERecord?id=CVE-2024-25386
This CVE identifies a potential vulnerability in a DCF (DICOM Connectivity Framework) library utility support file that was included with a DCF Solaris (SunOS 5.8 Sparc) C++ library release (v2.7.6) from Laurel Bridge Software in 2004.
Risk Summary
No users of current products from Laurel Bridge Software should be affected by this CVE.
This version of the DCF library is not part of any of Laurel Bridge Software’s current commercial products and this, now 20-year-old, utility file is not part of any current DCF library releases.
- The last release of the DCF C++ library for Solaris was in 2004 and has reached end-of-life.
- It is no longer supported and is not subject to security updates, patches, or bug fixes.
- It is not sold or included in any other known current commercial products.
Remediation
Anyone who may be using this version of the file cited in the CVE should upgrade or update to a product using a supported version of the DCF library or ensure that the affected system is secure.
Support
Laurel Bridge will continue to investigate this report and will provide additional updates as appropriate.
Please contact [email protected] if you have specific concerns regarding LBS products.
The post Security Notice: CVE-2024-25386 – Potential Vulnerability appeared first on Laurel Bridge Software.