Orthanc
cpe:2.3:a:orthanc-server:orthanc:*:*:*:*:*:*:*
- <= 1.12.10
An out-of-bounds read exists in the image decoding component of the Orthanc DICOM Server, in the 'DecodeLookupTable' function of 'DicomImageDecoder.cpp'. Versions up to and including 1.12.10 are affected. The lookup-table decoding logic for 'PALETTE COLOR' images does not validate pixel indices against the size of the lookup table, so a crafted image whose pixel values index past the end of the palette makes the decoder read beyond the buffer allocated for the lookup table and copy heap contents into the output image.
Because the out-of-bounds bytes are emitted as pixel values, heap-resident data, including allocator metadata and portions of adjacent DICOM content, is disclosed through the rendered image output. This issue is one of a broader set of memory-safety problems in Orthanc DICOM Server that also includes heap buffer overflows, which can corrupt memory, crash the server, and under certain conditions provide a pathway for remote code execution.
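The missing check, as an added illustration that is not taken from Orthanc's source: a simplified model of palette decoding in which the pixel index is used without comparison to the LUT size, beside a hardened version that rejects out-of-range indices. The palette descriptor semantics (entry count plus the first mapped pixel value) follow the DICOM palette LUT descriptor; the function names, the 'Rgb' entry type, and the 4-entry palette with trailing "adjacent heap" marker entries are constructed for this demonstration and are not Orthanc identifiers.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <optional>
#include <vector>

// One expanded 8-bit RGB palette entry (a simplification of the DICOM
// 8/16-bit palette LUT entries; constructed for this example).
struct Rgb {
    uint8_t r, g, b;
    bool operator==(const Rgb& o) const { return r == o.r && g == o.g && b == o.b; }
};

// DICOM palette descriptor semantics (assumed from PS3.3 C.7.6.3.1.5):
// 'entries' LUT entries, the first of which maps pixel value 'firstMapped'.
struct PaletteDescriptor {
    size_t entries;
    uint16_t firstMapped;
};

// Vulnerable model: the index derived from the pixel value is used without
// comparing it to the LUT size, so any pixel >= firstMapped + entries reads
// past the palette (and a pixel < firstMapped wraps to a huge index).
// 'lut' is expected to point at exactly 'entries' elements.
std::vector<Rgb> decodeLutUnchecked(const Rgb* lut, PaletteDescriptor d,
                                    const std::vector<uint16_t>& pixels) {
    std::vector<Rgb> out;
    out.reserve(pixels.size());
    for (uint16_t p : pixels) {
        size_t idx = static_cast<size_t>(p) - d.firstMapped;  // no range check
        out.push_back(lut[idx]);                              // OOB when idx >= d.entries
    }
    return out;
}

// Hardened model: reject any pixel whose index falls outside [0, entries).
// Returns nullopt for a malformed image instead of reading adjacent memory.
std::optional<std::vector<Rgb>> decodeLutChecked(const Rgb* lut, PaletteDescriptor d,
                                                 const std::vector<uint16_t>& pixels) {
    std::vector<Rgb> out;
    out.reserve(pixels.size());
    for (uint16_t p : pixels) {
        if (p < d.firstMapped) return std::nullopt;   // would underflow the index
        size_t idx = static_cast<size_t>(p) - d.firstMapped;
        if (idx >= d.entries) return std::nullopt;    // would read past the LUT
        out.push_back(lut[idx]);
    }
    return out;
}

// Constructed harness: a 4-entry palette followed by two marker entries that
// stand in for adjacent heap content, all in one contiguous buffer, so the
// unchecked read stays inside the allocation and is observable without
// undefined behaviour.
struct Harness {
    std::vector<Rgb> buffer;   // palette entries, then "adjacent heap" data
    PaletteDescriptor desc;
};

Harness makeHarness() {
    Harness h;
    h.desc = {4, 0};
    h.buffer = {
        {0, 0, 0}, {85, 85, 85}, {170, 170, 170}, {255, 255, 255},  // the real palette
        {0xAA, 0xBB, 0xCC}, {0xDD, 0xEE, 0xFF},                      // "adjacent heap" contents
    };
    return h;
}

// The pixel the unchecked decoder produces for an index one past the LUT:
// it is the adjacent marker data, not a palette colour.
Rgb leakedPixel() {
    Harness h = makeHarness();
    std::vector<uint16_t> crafted = {1, 4};   // 4 is one past the 4-entry palette
    std::vector<Rgb> img = decodeLutUnchecked(h.buffer.data(), h.desc, crafted);
    return img[1];
}

bool checkedRejectsCrafted() {
    Harness h = makeHarness();
    return !decodeLutChecked(h.buffer.data(), h.desc, {1, 4}).has_value();
}

bool checkedAcceptsValid() {
    Harness h = makeHarness();
    auto img = decodeLutChecked(h.buffer.data(), h.desc, {0, 3});
    return img.has_value() && img->size() == 2 && (*img)[1] == Rgb{255, 255, 255};
}

int main() {
    Rgb leaked = leakedPixel();
    std::printf("unchecked decoder returned %02X %02X %02X for index 4 of a 4-entry palette\n",
                leaked.r, leaked.g, leaked.b);
    std::printf("checked decoder rejects the crafted image: %s\n",
                checkedRejectsCrafted() ? "yes" : "no");
    return 0;
}
```

On a real heap the same out-of-range index returns whatever the allocator placed after the LUT, which is the disclosure the advisory describes; the marker entries here only make that read deterministic. The checked variant tests both ends of the range, since an unsigned subtraction against the first mapped value can wrap just as easily as an index can overrun the entry count.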
Users are advised to upgrade to Orthanc DICOM Server version 1.12.11, which addresses this vulnerability. Consult the Orthanc documentation and release notes for guidance on patching and deployment.