CVE-2025-8851

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue.

CVSS v3 5.3 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 3.1 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.libtiff.org/	Product
https://gitlab.com/libtiff/libtiff/-/commit/8a7a48d7a645992ca83062b3a1873c951661e2b3	Patch
https://vuldb.com/?ctiid.319382	Permissions Required VDB Entry
https://vuldb.com/?id.319382	Third Party Advisory VDB Entry
https://vuldb.com/?submit.624604	Third Party Advisory VDB Entry
https://vuldb.com/?submit.624604	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-08-11 14:15

Updated : 2025-10-30 21:10

NVD link : CVE-2025-8851

Mitre link : CVE-2025-8851

CVE.ORG link : CVE-2025-8851

JSON object : View

Products Affected

libtiff

libtiff

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2025-8851", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 4.8, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-11T14:15:27.597", "references": [{"url": "http://www.libtiff.org/", "tags": ["Product"], "source": "[email protected]"}, {"url": "https://gitlab.com/libtiff/libtiff/-/commit/8a7a48d7a645992ca83062b3a1873c951661e2b3", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://vuldb.com/?ctiid.319382", "tags": ["Permissions Required", "VDB Entry"], "source": "[email protected]"}, {"url": "https://vuldb.com/?id.319382", "tags": ["Third Party Advisory", "VDB Entry"], "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.624604", "tags": ["Third Party Advisory", "VDB Entry"], "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.624604", "tags": ["Third Party Advisory", "VDB Entry"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue."}, {"lang": "es", "value": "Se detect\u00f3 una vulnerabilidad en LibTIFF hasta la versi\u00f3n 4.5.1. Este problema afecta a la funci\u00f3n readSeparateStripsetoBuffer del archivo tools/tiffcrop.c del componente tiffcrop. Esta manipulaci\u00f3n provoca un desbordamiento del b\u00fafer basado en la pila. Se requiere acceso local para abordar este ataque. El parche se identifica como 8a7a48d7a645992ca83062b3a1873c951661e2b3. Se recomienda aplicar un parche para solucionar este problema."}], "lastModified": "2025-10-30T21:10:36.717", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53F47624-76ED-4160-9AEC-F231D3205A47", "versionEndIncluding": "4.5.1"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}