
"The first bug is an out-of-bounds read issue affecting the meta-header parser, caused by insufficient input validation in the parsing logic."
"Next is a GZIP decompression bomb flaw in the processing of specific HTTP requests. Because no limit is enforced on decompressed size, a malicious payload could be used to exhaust system memory."
"Another memory exhaustion defect was discovered in ZIP archive processing, where the server trusts metadata describing the uncompressed size of the archived files, allowing an attacker to forge size values."
"A crafted sequence at the end of the buffer can cause the decoder to read beyond the allocated memory region and leak heap data into the rendered image output."
Orthanc, a lightweight DICOM server, has nine vulnerabilities that can lead to server crashes, data leaks, and remote code execution. These vulnerabilities, tracked as CVE-2026-5437 to CVE-2026-5445, stem from insufficient metadata validation, missing checks, and unsafe arithmetic operations. Issues include an out-of-bounds read in the meta-header parser, a GZIP decompression bomb flaw, and memory exhaustion defects in ZIP archive processing. The server's HTTP handling also allows for memory allocation based on user-supplied values, leading to potential server termination.
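As an added defensive illustration (not Orthanc's code, nor the fix shipped for these CVEs), the Python below shows the control the GZIP-bomb and ZIP-size findings above lack: inflate while counting the bytes actually produced, stop at a hard ceiling, and treat any size a file declares as something to cross-check rather than trust. The limit values and the bomb-generating helper are constructed for illustration.

```python
import gzip
import zlib
from typing import Optional

MAX_OUTPUT = 1 * 1024 * 1024   # 1 MiB ceiling; illustrative assumption, not an Orthanc value
CHUNK = 64 * 1024              # bytes requested per inflate call


class DecompressionLimitExceeded(ValueError):
    """Raised when a stream would inflate past the configured ceiling."""


def inflate_bounded(data: bytes, limit: int = MAX_OUTPUT,
                    declared_size: Optional[int] = None) -> bytes:
    """Inflate a gzip or zlib stream, counting the bytes actually produced.
    The ceiling applies to real output, never to attacker-controlled fields
    (gzip ISIZE trailer, ZIP uncompressed-size). A declared size is only
    cross-checked at the end; it is never used to size an allocation."""
    if declared_size is not None and declared_size > limit:
        raise DecompressionLimitExceeded("declared size above limit")
    d = zlib.decompressobj(wbits=zlib.MAX_WBITS | 32)  # auto-detect gzip/zlib
    out, pending = bytearray(), data
    while True:
        chunk = d.decompress(pending, CHUNK)  # at most CHUNK bytes per call
        out += chunk
        if len(out) > limit:
            raise DecompressionLimitExceeded(f"output exceeded {limit} bytes")
        pending = d.unconsumed_tail
        if d.eof or (not pending and not chunk):
            break
    if not d.eof:
        raise ValueError("truncated compressed stream")
    if declared_size is not None and declared_size != len(out):
        raise ValueError(f"declared {declared_size} != actual {len(out)}")
    return bytes(out)


def check_payload(data: bytes, limit: int = MAX_OUTPUT,
                  declared_size: Optional[int] = None) -> str:
    """Verdict a request handler would log before touching the payload."""
    try:
        return f"accepted:{len(inflate_bounded(data, limit, declared_size))}"
    except DecompressionLimitExceeded:
        return "rejected:limit"
    except (ValueError, zlib.error):
        return "rejected:malformed"


def make_gzip_bomb(inflated_size: int) -> bytes:
    """Constructed sample: a small gzip stream inflating to `inflated_size` zero bytes."""
    return gzip.compress(b"\x00" * inflated_size, compresslevel=9)
```

The same counting loop applies to a ZIP entry's DEFLATE data: feed it the raw compressed bytes and compare the result against the header's uncompressed-size field afterwards, instead of allocating from that field up front.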
Read at SecurityWeek