CVE-2025-53855
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-28

Last updated on: 2025-12-02

Assigner: Talos

Description
An out-of-bounds write vulnerability exists in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. A specially crafted .fadein file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-28
Last Modified
2025-12-02
Generated
2026-05-07
AI Q&A
2025-10-28
EPSS Evaluated
2026-05-05
NVD
CVE-2025-53855
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
generalcoffee fade_in 4.2.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an out-of-bounds write in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. It occurs when a specially crafted .fadein file is processed, allowing an attacker to trigger the out-of-bounds write by providing a malicious file.


How can this vulnerability impact me? :

The vulnerability can lead to high impact on confidentiality, integrity, and availability of the affected system, as indicated by the CVSS score. An attacker can exploit it by providing a malicious .fadein file, potentially causing arbitrary code execution or system compromise.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart