Pixmeo OsiriX MD is vulnerable to a local use after free scenario, which could allow an attacker to locally import a crafted DICOM file and cause memory corruption or a system crash.
Credits
Chizuru Toyama of TXOne Networks and Canaan Kao of TXOne Networks reported these vulnerabilities to CISA.
