vulnerability

FreeBSD: gdcm -- multiple vulnerabilities (Multiple CVEs)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Jan 12, 2016	Feb 1, 2016	Jul 28, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Jan 12, 2016

Added

Feb 1, 2016

Modified

Jul 28, 2025

Description

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow.

Solution

freebsd-upgrade-package-gdcm

References

CVE-2015-8396
https://attackerkb.com/topics/CVE-2015-8396
CVE-2015-8397
https://attackerkb.com/topics/CVE-2015-8397
URL-http://census-labs.com/news/2016/01/11/gdcm-buffer-overflow-imageregionreaderreadintobuffer/
URL-http://census-labs.com/news/2016/01/11/gdcm-out-bounds-read-jpeglscodec-decodeextent/

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today