CVE-2025-9900
BaseFortify
Publication date: 2025-09-23
Last updated on: 2026-04-20
Assigner: Red Hat, Inc.
Description
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user running the affected application.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| redhat | libtiff | 4.7.0 |
| redhat | compat-libtiff3 | * |
| redhat | libtiff | 4.7.1 |
| redhat | libtiff3 | * |
| redhat | libtiff | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-123 | Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow. |