
CVE-2025-1052

High

Published: 11 February 2025

Modified: 18 February 2025
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0154 (81.5th percentile)
Risk Priority: 19 (60% EPSS · 20% KEV · 20% CVSS)

Description

Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mintty. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of sixel images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-23382.

Security Summary

CVE-2025-1052 is a heap-based buffer overflow vulnerability in the sixel image parsing functionality of Mintty, a terminal emulator for Windows. The flaw stems from insufficient validation of the length of user-supplied data before it is copied into a heap-based buffer, potentially leading to remote code execution. Mintty versions up to and including 3.7.5 are listed as affected. The issue was tracked as ZDI-CAN-23382 and is assigned a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). It maps to CWE-122 (Heap-based Buffer Overflow) and CWE-787 (Out-of-bounds Write).

Remote attackers can exploit this vulnerability by tricking a target user into visiting a malicious web page or opening a malicious file containing a crafted sixel image. No privileges are required on the attacker's part, but user interaction is necessary. Successful exploitation allows the attacker to execute arbitrary code in the context of the current user on the affected Mintty installation.

The Zero Day Initiative published details in advisory ZDI-25-084, available at https://www.zerodayinitiative.com/advisories/ZDI-25-084/. Practitioners should consult this advisory for mitigation guidance, such as applying any available patches or updates to Mintty.

Details

CWE(s)
CWE-122, CWE-787

Affected Products

mintty project: mintty ≤ 3.7.5
