Vulnerabilities > CVE-2015-8396 - Numeric Errors vulnerability in Grassroots Dicom Project Grassroots Dicom 2.6.0/2.6.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Grassroots DICOM (GDCM) 2.6.0 and 2.6.1 - ImageRegionReader::ReadIntoBuffer Buffer Overflow. CVE-2015-8396. Dos exploit for linux platform |
| file | exploits/linux/dos/39229.cpp |
| id | EDB-ID:39229 |
| last seen | 2016-02-04 |
| modified | 2016-01-12 |
| platform | linux |
| port | |
| published | 2016-01-12 |
| reporter | Stelios Tsampas |
| source | https://www.exploit-db.com/download/39229/ |
| title | Grassroots DICOM GDCM 2.6.0 and 2.6.1 - ImageRegionReader::ReadIntoBuffer Buffer Overflow |
| type | dos |
Nessus
| NASL family | FreeBSD Local Security Checks |
| NASL id | FREEBSD_PKG_E00D8B94C88A11E5B5FE002590263BF5.NASL |
| description | CENSUS S.A. reports : GDCM versions 2.6.0 and 2.6.1 (and possibly previous versions) are prone to an integer overflow vulnerability which leads to a buffer overflow and potentially to remote code execution. GDCM versions 2.6.0 and 2.6.1 (and possibly previous versions) are prone to an out-of-bounds read vulnerability due to missing checks. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 88504 |
| published | 2016-02-01 |
| reporter | This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/88504 |
| title | FreeBSD : gdcm -- multiple vulnerabilities (e00d8b94-c88a-11e5-b5fe-002590263bf5) |
References
- http://census-labs.com/news/2016/01/11/gdcm-buffer-overflow-imageregionreaderreadintobuffer/
- http://packetstormsecurity.com/files/135205/GDCM-2.6.0-2.6.1-Integer-Overflow.html
- http://seclists.org/fulldisclosure/2016/Jan/29
- http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/
- http://sourceforge.net/p/gdcm/mailman/message/34670701/
- http://sourceforge.net/p/gdcm/mailman/message/34687533/
- http://www.securityfocus.com/archive/1/537264/100/0/threaded
- https://www.exploit-db.com/exploits/39229/