Unrated severityNVD Advisory· Published Mar 13, 2025· Updated Mar 14, 2025
Santesoft Sante PACS Server Stack-based Buffer Overflow
CVE-2025-2263
Description
During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffer is passed to the function as the output buffer. A stack-based buffer overflow exists if a long encrypted username or password is supplied by an unauthenticated remote attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Santesoft/Sante PACS Serverv5Range: 4.1.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.