Secunia Research has discovered a vulnerability in DevIL, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused by a boundary error within the “GetUID()” function in src-IL/src/il_dicom.c. This can be exploited to cause a stack-based buffer overflow, for example by tricking a user into opening a specially crafted DICOM file in an application using the library. The vulnerability is confirmed in version 1.7.8. Other versions may also be affected.
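The advisory does not reproduce the affected code. As an added example (not DevIL's source and not part of the Secunia advisory), the C below shows the checks a reader needs before copying a length-prefixed UID from a file into a fixed-size stack buffer. The `reader_t` type, the function names and the 4-byte little-endian length prefix are assumptions made for the example; the 64-character limit is the DICOM maximum for a UID.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define UID_MAX 64 /* DICOM limits a UID to 64 characters */

/* Hypothetical in-memory reader standing in for the library's file I/O. */
typedef struct { const uint8_t *data; size_t len; size_t pos; } reader_t;

/* Read a 32-bit little-endian value; 0 on success, -1 on short input. */
static int read_u32le(reader_t *r, uint32_t *out) {
    if (r->len - r->pos < 4) return -1;
    const uint8_t *p = r->data + r->pos;
    *out = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    r->pos += 4;
    return 0;
}

/* Bounded UID read: the length comes from the file, so it is checked against
 * the destination size and the remaining input before any byte is copied.
 * Returns the UID length, or -1 if the field is rejected. */
int read_uid_checked(reader_t *r, char *uid, size_t uid_size) {
    uint32_t n;
    if (uid_size == 0 || read_u32le(r, &n) != 0) return -1;
    if (n > UID_MAX || n >= uid_size) return -1; /* would overrun uid[] */
    if (n > r->len - r->pos) return -1;          /* more than the file holds */
    memcpy(uid, r->data + r->pos, n);
    uid[n] = '\0';
    r->pos += n;
    return (int)n;
}

/* Constructed sample: a field declaring `declared` bytes, `avail` present. */
int demo(uint32_t declared, size_t avail) {
    uint8_t file[4 + 256] = {0};
    char uid[UID_MAX + 1]; /* fixed-size stack destination */
    if (avail > 256) return -2;
    for (int i = 0; i < 4; i++) file[i] = (uint8_t)(declared >> (8 * i));
    memset(file + 4, '1', avail);
    reader_t r = { file, 4 + avail, 0 };
    return read_uid_checked(&r, uid, sizeof uid);
}

int main(void) {
    printf("%d %d %d\n", demo(20, 20), demo(65, 65), demo(0xFFFFFFFFu, 8));
    return 0;
}
```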
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/83471/secunia-dicom.txt
Source: https://packetstormsecurity.com/files/83471/DevIL-DICOM-GetUID-Buffer-Overflow.html

