CVE-2025-53510
BaseFortify
Publication date: 2025-08-25
Last updated on: 2025-11-03
Assigner: Talos
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sail | sail | 0.9.8 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-680 | The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory corruption issue in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. It occurs when the library loads a specially crafted .psd file that triggers an integer overflow during the stride calculation for decoding. The overflow leads to a heap-based buffer overflow, which can allow an attacker to achieve remote code execution by getting the library to read a malicious file.
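The bug class described above (CWE-680 in a stride calculation), shown as an added C example that is not SAIL's code and not taken from the advisory. The function names, parameter names and the 1 GiB decode cap are assumptions chosen for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed policy limit for one decoded image (hypothetical value). */
#define MAX_DECODE_BYTES ((size_t)1 << 30)

/* Unchecked pattern (CWE-680): the product is truncated to 32 bits, so
 * header values taken from the file can wrap it to a small number. */
static uint32_t stride_unchecked(uint32_t width, uint32_t channels,
                                 uint32_t bytes_per_sample)
{
    return width * channels * bytes_per_sample;
}

/* Checked multiply: reports failure instead of wrapping. */
static bool mul_size(size_t a, size_t b, size_t *out)
{
    if (a != 0 && b > SIZE_MAX / a)
        return false;
    *out = a * b;
    return true;
}

/* Hardened pattern: reject zero fields, compute stride and total size with
 * overflow checks, and enforce a cap before any allocation takes place. */
static bool stride_checked(uint32_t width, uint32_t height, uint32_t channels,
                           uint32_t bytes_per_sample,
                           size_t *stride, size_t *total)
{
    if (width == 0 || height == 0 || channels == 0 || bytes_per_sample == 0)
        return false;
    if (!mul_size(width, channels, stride) ||
        !mul_size(*stride, bytes_per_sample, stride) ||
        !mul_size(*stride, height, total))
        return false;
    return *total <= MAX_DECODE_BYTES;
}

int main(void)
{
    size_t stride = 0, total = 0;
    /* Constructed header values: the 32-bit product wraps to 4. */
    printf("unchecked stride: %u\n", (unsigned)stride_unchecked(0x40000001u, 4, 1));
    printf("checked accepts:  %d\n",
           stride_checked(0x40000001u, 1, 4, 1, &stride, &total));
    return 0;
}
```

An allocation sized from the unchecked result would be a few bytes long while the decoder still writes a full row per scanline, which is the heap overflow the CWE entry describes.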
How can this vulnerability impact me?
The vulnerability can lead to remote code execution, meaning an attacker could potentially run arbitrary code on your system. This could result in unauthorized access, data theft, system compromise, or disruption of services if the vulnerable library processes untrusted .psd files.