{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-8961","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-08-13T16:01:06.782Z","datePublished":"2025-08-14T12:02:08.516Z","dateUpdated":"2025-08-23T15:11:07.640Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-08-23T15:11:07.640Z"},"title":"LibTIFF tiffcrop tiffcrop.c main memory corruption","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-119","lang":"en","description":"Memory Corruption"}]}],"affected":[{"vendor":"n/a","product":"LibTIFF","versions":[{"version":"4.7.0","status":"affected"}],"modules":["tiffcrop"]}],"descriptions":[{"lang":"en","value":"A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited."},{"lang":"de","value":"In LibTIFF 4.7.0 ist eine Schwachstelle entdeckt worden. Davon betroffen ist die Funktion main der Datei tiffcrop.c der Komponente tiffcrop. Die Bearbeitung verursacht memory corruption. Der Angriff muss lokal durchgeführt werden. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":4.8,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":3.3,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.3,"vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":1.7,"vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2025-08-13T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-08-13T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-08-23T17:15:59.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"ucas-xd (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.319955","name":"VDB-319955 | LibTIFF tiffcrop tiffcrop.c main memory corruption","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.319955","name":"VDB-319955 | CTI Indicators (IOB, IOC, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.627957","name":"Submit #627957 | libtiff tiffcrop 4.7.0 (the newest master) Segmentation Fault","tags":["third-party-advisory"]},{"url":"https://gitlab.com/libtiff/libtiff/-/issues/721","tags":["issue-tracking"]},{"url":"https://gitlab.com/libtiff/libtiff/-/issues/721#note_2670686960","tags":["issue-tracking"]},{"url":"https://drive.google.com/file/d/15L4q2eD8GX3Aj3z6SWC3_FbqaM1ChUx2/view?usp=sharing","tags":["exploit"]},{"url":"http://www.libtiff.org/","tags":["product"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-08-14T13:20:40.733180Z","id":"CVE-2025-8961","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-08-14T13:22:21.582Z"}}]}}