CVE-2025-35984

{"id": "CVE-2025-35984", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2025-08-25T15:15:39.080", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2217", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2217", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-122"}]}], "descriptions": [{"lang": "en", "value": "A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .pcx file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de corrupci\u00f3n de memoria en la funci\u00f3n de PCX Image Decoding de SAIL Image Decoding Library v0.9.8. Al decodificar los datos de imagen de un archivo .pcx especialmente manipulado, puede producirse un desbordamiento de b\u00fafer basado en el mont\u00f3n, lo que permite la ejecuci\u00f3n remota de c\u00f3digo. Un atacante deber\u00e1 convencer a la librer\u00eda para que lea un archivo para activar esta vulnerabilidad."}], "lastModified": "2025-11-03T19:15:52.450", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sail:sail:0.9.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDFCF91A-2A3D-45C6-A8C3-DD90A646BDAA"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}