CVE-2015-8397 — HIGH (8.2) — White Hats Nepal

Q: How severe is CVE-2015-8397?

CVE-2015-8397 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-8397?

Check the references section above for vendor advisories and patch information. Affected products include: Malaterre Grassroots Dicom.

Vulnerability Description

The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (application crash) via an embedded JPEG-LS image with dimensions larger than the selected region in a (1) two-dimensional or (2) three-dimensional DICOM image file, which triggers an out-of-bounds read.

CVSS Score

8.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Malaterre	Grassroots Dicom	< 2.6.2

Related Weaknesses (CWE)

CWE-125

References

http://census-labs.com/news/2016/01/11/gdcm-out-bounds-read-jpeglscodec-decodeexExploitThird Party Advisory
http://packetstormsecurity.com/files/135206/GDCM-2.6.0-2.6.1-Out-Of-Bounds-Read.Third Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2016/Jan/33Mailing ListThird Party Advisory
http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/PatchThird Party Advisory
http://sourceforge.net/p/gdcm/mailman/message/34670701/ExploitThird Party Advisory
http://sourceforge.net/p/gdcm/mailman/message/34687533/ExploitThird Party Advisory
http://www.securityfocus.com/archive/1/537263/100/0/threadedThird Party AdvisoryVDB Entry
http://census-labs.com/news/2016/01/11/gdcm-out-bounds-read-jpeglscodec-decodeexExploitThird Party Advisory
http://packetstormsecurity.com/files/135206/GDCM-2.6.0-2.6.1-Out-Of-Bounds-Read.Third Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2016/Jan/33Mailing ListThird Party Advisory
http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/PatchThird Party Advisory
http://sourceforge.net/p/gdcm/mailman/message/34670701/ExploitThird Party Advisory
http://sourceforge.net/p/gdcm/mailman/message/34687533/ExploitThird Party Advisory
http://www.securityfocus.com/archive/1/537263/100/0/threadedThird Party AdvisoryVDB Entry

FAQ

What is CVE-2015-8397?

CVE-2015-8397 is a vulnerability with a CVSS score of 8.2 (HIGH). The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process...

How severe is CVE-2015-8397?

CVE-2015-8397 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-8397?

Check the references section above for vendor advisories and patch information. Affected products include: Malaterre Grassroots Dicom.