exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

GDCM 2.6.0 / 2.6.1 Integer Overflow

GDCM 2.6.0 / 2.6.1 Integer Overflow
Posted Jan 11, 2016
Authored by Stelios Tsampas

GDCM versions 2.6.0 and 2.6.1 suffer from an integer overflow vulnerability which leads to a buffer overflow and potentially to remote code execution.

tags | advisory, remote, overflow, code execution
advisories | CVE-2015-8396
SHA-256 | 15fb0069bbd76c1bfaa4bf715f85332c78f0b2abe13e67cdfcb884e3e0e18f9e

GDCM 2.6.0 / 2.6.1 Integer Overflow

Change Mirror Download
Grassroots DICOM (GDCM) is a C++ library for processing DICOM medical
images.
It provides routines to view and manipulate a wide range of image formats
and can be accessed through many popular programming languages like Python,
C#, Java and PHP.

GDCM versions 2.6.0 and 2.6.1 (and possibly previous versions) are prone
to an
integer overflow vulnerability which leads to a buffer overflow and
potentially to remote code execution. The vulnerability is triggered by the
exposed function gdcm::ImageRegionReader::ReadIntoBuffer, which copies
DICOM
image data to a buffer. ReadIntoBuffer checks whether the supplied
buffer is
large enough to hold the necessary data, however in this check it fails to
detect the occurrence of an integer overflow, which leads to a buffer
overflow
later on in the code. The buffer overflow will occur regardless of the
size of
the buffer supplied to the ReadIntoBuffer call.

More information about this vulnerability can be found at
http://census-labs.com/news/2016/01/11/gdcm-buffer-overflow-imageregionreaderreadintobuffer/

The GDCM project has released version 2.6.2 that addresses this issue.
It is advised to upgrade all GDCM installations to the latest stable
release.

Disclosure Timeline
-------------------
CVE assignment: December 2nd, 2015
Vendor Contact: December 4th, 2015
Vendor Patch Release: December 23rd, 2015
Public Advisory: January 11th, 2016

Regards,

Stelios Tsampas

IT Security Researcher
CENSUS S.A.
Login or Register to add favorites

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    32 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close