This exploit targets a memory corruption vulnerability in Orthanc DICOM Server 1.1.0 by sending a malformed DICOM Upper Layer Protocol (DUL) packet with an oversized presentation context item length, leading to a stack/heap buffer overflow. The PoC demonstrates the vulnerability by sending a large array of bytes to trigger the overflow, potentially resulting in remote code execution or denial of service.
Classification
Working Poc 95%
Target:
Orthanc DICOM Server 1.1.0
No auth needed
Prerequisites:
Network access to the target DICOM server on port 4242