Description
Over the last decade, DICOM parsing has become an active research topic. The reason is simple: DICOM is both critical and complicated. Hospitals rely on DICOM-based PACS systems, and those systems often automatically ingest files received over the network. That means malformed data could directly trigger vulnerable decoders -- the holy grail of attack surfaces for those studying robustness.
This white paper presents a concrete case study demonstrating the creation of a heap overflow vulnerability through the exploitation of the DICOM file format. The objective is to show how an Orthanc server can be targeted during the image upload process, resulting in an out-of-bounds write.
## DICOM, Pydicom, GDCM,
and Orthanc
A technical tour of what really happens
in the heap
Download now
Over the last decade, DICOM parsing has become an active research topic. The reason is simple: DICOM is both critical and complicated. Hospitals rely on DICOM-based PACS systems, and those systems often automatically ingest files received over the network. That means malformed data could directly trigger vulnerable decoders -- the holy grail of attack surfaces for those studying robustness.
This white paper presents a concrete case study demonstrating the creation of a heap overflow vulnerability through the exploitation of the DICOM file format. The objective is to show how an Orthanc server can be targeted during the image upload process, resulting in an out-of-bounds write.
## DICOM, Pydicom, GDCM,
and Orthanc
A technical tour of what really happens
in the heap
Download now
Basic Information
ID
TALOSBLOG:9553310FF79DF18D707992EB067AB9BC
Published
May 28, 2026 at 10:00