Base Score

MEDIUM4.3

CVE-2025-59801

In Artifex GhostXPS before 10.06.0, there is a stack-based buffer overflow in xps_unpredict_tiff in xpstiff.c because the samplesperpixel value is not checked.

VectorLOCAL

Published Bycve@mitre.org

Published DateSep 22, 2025, 04:15

Weakness Type (CWE):CWE-121

CVSS Metrics

Base Score

4.3

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

CHANGED

Confidentiality (C)

NONE

Integrity (I)

LOW

Availability (A)

NONE

References

https://bugs.ghostscript.com/show_bug.cgi?id=708819
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=99727069197d548a8db69ba5d63f766bff40eaab

Base Score

MEDIUM4.3

Weakness Type (CWE):CWE-121

CVSS Metrics

Base Score

4.3

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

CHANGED

Confidentiality (C)

NONE

Integrity (I)

LOW

Availability (A)

NONE