CVE-2025-8851

LibTIFF tiffcrop tiffcrop.c readSeparateStripsetoBuffer stack-based overflow

Description

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue.

INFO

Published Date :

2025-08-11T13:32:08.843Z

Last Modified :

2025-08-12T13:43:18.136Z

Source :

VulDB

AFFECTED PRODUCTS

The following products are affected by CVE-2025-8851 vulnerability.

Vendors	Products
Libtiff	Libtiff

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-8851.

URL	Resource
http://www.libtiff.org/
https://gitlab.com/libtiff/libtiff/-/commit/8a7a48d7a645992ca83062b3a1873c951661e2b3
https://nvd.nist.gov/vuln/detail/CVE-2025-8851
https://vuldb.com/?ctiid.319382
https://vuldb.com/?id.319382
https://vuldb.com/?submit.624604
https://www.cve.org/CVERecord?id=CVE-2025-8851

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Access Vector

Access Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact