216.73.216.86

CVE-2025-59730

· Published 06/10/2025 08:15 · Modified 06/10/2025 14:56

Labels: CVE-2025-59730 2025-10-06CVE-2025-59730CWE-787[email protected]

Essential information

Published
06/10/2025 08:15
Modified
06/10/2025 14:56
Author
Creator
CVSS
5.7 MEDIUM (v3) 5.7 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

When decoding a frame for a SANM file (ANIM v0 variant), the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution (width x height). A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame contents using a run-length encoding algorithm. There are no checks that the decoded frame fits in the allocated buffer, leading to a heap-buffer-overflow. process_frame_obj initializes the buffers based on the frame resolution: We recommend upgrading to version 8.0 or beyond.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
anim / anim cpe:2.3:a:anim:anim:*:<8.0:*:*:*:*:*:*

References