Описание
An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to render the thumbnail for the file while in the File->Open dialog.
Ссылки
- Mailing ListThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
7.5 High
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to render the thumbnail for the file while in the File->Open dialog.
An exploitable integer overflow exists in the thumbnail functionality ...
An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to render the thumbnail for the file while in the File->Open dialog.
Уязвимость набора программного обеспечения для создания трехмерной компьютерной графики Blender, вызванная целочисленным переполнением, позволяющая нарушителю выполнить произвольный код
EPSS
7.5 High
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2