CVE-2015-8396

CRITICAL

Grassroots DICOM < 2.6.2 - Remote Code Execution via Crafted DICOM Header Dimensions

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-8396. PoCs published by Stelios Tsampas.

AI-analyzed exploit summary This exploit demonstrates an integer overflow vulnerability in GDCM's ImageRegionReader::ReadIntoBuffer function, leading to a buffer overflow. It reads a maliciously crafted DICOM file to trigger the vulnerability.

Description

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow.

Exploits (1)

exploitdb WORKING POC

by Stelios Tsampas · c++doslinux

https://www.exploit-db.com/exploits/39229

View Code ZIP pw:eip

This exploit demonstrates an integer overflow vulnerability in GDCM's ImageRegionReader::ReadIntoBuffer function, leading to a buffer overflow. It reads a maliciously crafted DICOM file to trigger the vulnerability.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Grassroots DICOM (GDCM) versions 2.6.0 and 2.6.1

No auth needed

Prerequisites: A maliciously crafted DICOM file · Access to a system with vulnerable GDCM library

MITRE ATT&CK