CVE-2025-8177 Information

Jul 27, 2025 cve

Description

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Reference

http://www.libtiff.org/ https://gitlab.com/libtiff/libtiff/-/commit/e8c9d6c616b19438695fd829e58ae4fde5bfbc22 https://gitlab.com/libtiff/libtiff/-/issues/715 https://gitlab.com/libtiff/libtiff/-/merge_requests/737 https://vuldb.com/?ctiid.317591 https://vuldb.com/?id.317591 https://vuldb.com/?submit.621797

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

LOW

Base Severity

5.3

CNNVD-202507-3372 (Published: 2025-07-26)

Share on: