CVE-2025-53964
BaseFortify
Publication date: 2025-07-17
Last updated on: 2025-11-06
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| goldendict | goldendict | 1.5.0 |
| goldendict | goldendict | 1.5.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-749 | The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-53964 is a vulnerability in GoldenDict versions 1.5.0 and 1.5.1 where an exposed dangerous method allows an attacker to read and modify files on the user's system. This happens when a user adds a specially crafted malicious dictionary file (in XDXF format) and searches for any term within it. The vulnerability arises due to lack of sanitization of XML content, execution of embedded JavaScript without restrictions, and weak or disabled Content Security Policy in the Qt browser engine used by GoldenDict to render dictionary content. Exploiting this can lead to code execution and information disclosure. [1]
How can this vulnerability impact me? :
This vulnerability can have critical impacts including unauthorized code execution on your system and disclosure of sensitive information. An attacker can remotely execute malicious code by tricking you into adding a crafted dictionary and performing a search, potentially leading to full compromise of your files and system integrity. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves checking if GoldenDict versions 1.5.0 or 1.5.1 are installed and monitoring for addition of suspicious or crafted dictionary files, especially those in XDXF format containing embedded JavaScript. Since exploitation requires user interaction (adding a malicious dictionary and searching terms), monitoring file system changes in GoldenDict's dictionary directories and scanning dictionary files for embedded scripts can help. Specific commands could include: 1) Listing installed GoldenDict version: `goldendict --version` or checking package manager versions. 2) Searching for suspicious dictionary files: `find /path/to/goldendict/dictionaries -name '*.xdxf' -exec grep -l '<script>' {} +` to find dictionaries containing JavaScript. 3) Monitoring file changes: using `inotifywait` or similar tools to watch dictionary directories for new or modified files. Network detection is limited since the attack is local, but monitoring user actions related to GoldenDict usage may help. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Avoid adding untrusted or unknown dictionary files, especially those in XDXF format. 2) Restrict user permissions to prevent adding or modifying dictionary files. 3) Disable or restrict JavaScript execution within GoldenDict if possible. 4) Monitor and remove any suspicious dictionary files. 5) Keep an eye on official GoldenDict updates or patches addressing this vulnerability and apply them promptly once available. 6) Consider using alternative dictionary software until a patch is released. [1]