A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.
https://vuldb.com/?submit.627957
https://vuldb.com/?ctiid.319955
https://gitlab.com/libtiff/libtiff/-/issues/721#note_2670686960
https://gitlab.com/libtiff/libtiff/-/issues/721
https://drive.google.com/file/d/15L4q2eD8GX3Aj3z6SWC3_FbqaM1ChUx2/view?usp=sharing
Published: 2025-08-14
Updated: 2025-08-23
Base Score: 1.7
Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:P
Severity: Low
Base Score: 3.3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Severity: Low
Base Score: 4.8
Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Severity: Medium
EPSS: 0.00015