Описание
The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| blender | unfixed | package | ||
| blender | no-dsa | squeeze | package | |
| blender | no-dsa | wheezy | package |
Примечания
Neutralised by kernel temp hardening
EPSS
Связанные уязвимости
The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.
The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.
The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.
EPSS