CVE-2025-59801
📋 TL;DR
A stack-based buffer overflow vulnerability exists in Artifex GhostXPS when processing TIFF files due to insufficient validation of the samplesperpixel value. This could allow an attacker to execute arbitrary code or cause a denial of service by providing a specially crafted TIFF file. Users of GhostXPS versions before 10.06.0 are affected.
💻 Affected Systems
- Artifex GhostXPS
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system compromise if exploited successfully.
Likely Case
Application crash (denial of service) when processing malicious TIFF files.
If Mitigated
Limited impact with proper sandboxing and memory protection mechanisms in place.
🎯 Exploit Status
Exploitation requires crafting a malicious TIFF file with manipulated samplesperpixel value to trigger buffer overflow.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 10.06.0 and later
Vendor Advisory: https://bugs.ghostscript.com/show_bug.cgi?id=708819
Restart Required: No
Instructions:
1. Download GhostXPS 10.06.0 or later from official sources
2. Replace existing GhostXPS installation with updated version
3. Verify installation with version check command
🔧 Temporary Workarounds
Restrict TIFF file processing
Block or restrict processing of TIFF files through GhostXPS
🧯 If You Can't Patch
- Implement strict input validation for TIFF files before processing
- Run GhostXPS in sandboxed/isolated environment with limited privileges
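As an added example (not code from this page or from Artifex), a Python pre-filter for the "strict input validation" mitigation above: it parses the TIFF header and first IFD and rejects files whose SamplesPerPixel (baseline tag 277) is missing, malformed, or above a ceiling. The ceiling of 4 and the `make_tiff` sample builder are assumptions for demonstration, not values taken from the advisory.

```python
"""Pre-filter TIFF input by validating SamplesPerPixel before handing it to GhostXPS."""
import struct
from typing import Optional

TAG_SAMPLES_PER_PIXEL = 277        # TIFF baseline tag, normally type SHORT
TYPE_SIZES = {3: 2, 4: 4}          # SHORT and LONG are the only types accepted here


def samples_per_pixel(data: bytes) -> Optional[int]:
    """Return SamplesPerPixel from the first IFD; None if the file is malformed."""
    if len(data) < 8:
        return None
    order = {b"II": "<", b"MM": ">"}.get(data[:2])   # byte order mark
    if order is None or struct.unpack(order + "H", data[2:4])[0] != 42:
        return None
    ifd = struct.unpack(order + "I", data[4:8])[0]     # offset of first IFD
    if ifd + 2 > len(data):
        return None
    (count,) = struct.unpack(order + "H", data[ifd:ifd + 2])
    for i in range(count):
        off = ifd + 2 + 12 * i                          # each IFD entry is 12 bytes
        if off + 12 > len(data):
            return None                                 # truncated IFD
        tag, typ, n = struct.unpack(order + "HHI", data[off:off + 8])
        if tag != TAG_SAMPLES_PER_PIXEL:
            continue
        if n != 1 or typ not in TYPE_SIZES:
            return None                                 # tag present but not a single SHORT/LONG
        fmt = "H" if typ == 3 else "I"
        # Values shorter than 4 bytes are left-justified in the value field in both byte orders.
        return struct.unpack(order + fmt, data[off + 8:off + 8 + TYPE_SIZES[typ]])[0]
    return 1                                            # TIFF default when the tag is absent


def accept_tiff(data: bytes, max_spp: int = 4) -> bool:
    """Policy gate: unparsable files and out-of-range sample counts are rejected (max_spp is an assumed limit)."""
    spp = samples_per_pixel(data)
    return spp is not None and 1 <= spp <= max_spp


def make_tiff(spp: int, order: str = "<") -> bytes:
    """Constructed minimal TIFF (header + one-entry IFD) used only to exercise the checks."""
    bom = b"II" if order == "<" else b"MM"
    header = bom + struct.pack(order + "HI", 42, 8)
    entry = struct.pack(order + "HHI", TAG_SAMPLES_PER_PIXEL, 3, 1) + struct.pack(order + "H", spp) + b"\x00\x00"
    return header + struct.pack(order + "H", 1) + entry + struct.pack(order + "I", 0)


if __name__ == "__main__":
    for spp in (1, 3, 4, 65535):
        print(spp, accept_tiff(make_tiff(spp)))
```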
🔍 How to Verify
Check if Vulnerable:
Check the GhostXPS version; if it is below 10.06.0, the system is vulnerable
Check Version:
gxps --version
Verify Fix Applied:
Confirm GhostXPS version is 10.06.0 or higher after update
📡 Detection & Monitoring
Log Indicators:
- Application crashes when processing TIFF files
- Memory access violation errors in system logs
Network Indicators:
- Unusual file uploads to systems using GhostXPS
SIEM Query:
search 'GhostXPS crash' OR 'gxps segmentation fault' in application logs