Security Notice: CVE-2024-25386 - Potential Vulnerability

Security Notice: CVE-2024-25386 – Potential Vulnerability

Release date: March 1, 2024

Background

CVE-2024-25386 was posted to CVE.org by an independent submission to Mitre on March 1, 2024.

URL: https://www.cve.org/CVERecord?id=CVE-2024-25386

This CVE identifies a potential vulnerability in a DCF (DICOM Connectivity Framework) library utility support file that was included with a DCF Solaris (SunOS 5.8 Sparc) C++ library release (v2.7.6) from Laurel Bridge Software in 2004.

Risk Summary

No users of current products from Laurel Bridge Software should be affected by this CVE.

This version of the DCF library is not part of any of Laurel Bridge Software’s current commercial products and this, now 20-year-old, utility file is not part of any current DCF library releases.

The last release of the DCF C++ library for Solaris was in 2004 and has reached end-of-life.
It is no longer supported and is not subject to security updates, patches, or bug fixes.
It is not sold or included in any other known current commercial products.

Remediation

Anyone who may be using this version of the file cited in the CVE should upgrade or update to a product using a supported version of the DCF library or ensure that the affected system is secure.

Support

Laurel Bridge will continue to investigate this report and will provide additional updates as appropriate.

Please contact support@laurelbridge.com if you have specific concerns regarding LBS products.

Download as PDF

Web Admin2024-03-01T17:23:15-05:00March 1st, 2024|

Security Notice: CVE-2024-25386 – Potential Vulnerability