Debian Blender vulnerabilities

CVE-2017-12099 [HIGH] CVE-2017-12099: blender - An exploitable integer overflow exists in the upgrade of the legacy Mesh attribu... An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it

CVE-2017-2908 [HIGH] CVE-2017-2908: blender - An exploitable integer overflow exists in the thumbnail functionality of the Ble... An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to render the thumbnail for the file while

CVE-2017-12104 [HIGH] CVE-2017-12104: blender - An exploitable integer overflow exists in the way that the Blender open-source 3... An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a lib

CVE-2017-2899 [HIGH] CVE-2017-2899: blender - An exploitable integer overflow exists in the TIFF loading functionality of the ... An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the seq

CVE-2017-12082 [HIGH] CVE-2017-12082: blender - An exploitable integer overflow exists in the 'CustomData' Mesh loading function... An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to edit an o

CVE-2017-12086 [HIGH] CVE-2017-12086: blender - An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' f... An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open a .blend file in order

CVE-2017-12101 [HIGH] CVE-2017-12101: blender - An exploitable integer overflow exists in the 'modifier_mdef_compact_influences'... An exploitable integer overflow exists in the 'modifier_mdef_compact_influences' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open a .blend file

CVE-2010-5105 [MEDIUM] CVE-2010-5105: blender - The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allo... The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103. Scope: local bookworm: open bullseye: open sid: open trixie: open

CVE-2009-3850 [CRITICAL] CVE-2009-3850: blender - Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrar... Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA. Scope: local bookworm: open bullseye: open sid: open trixie: open

CVE-2008-1102 [MEDIUM] CVE-2008-1102: blender - Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows u... Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote attackers to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image. Scope: local bookworm: resolved (fixed in 2.45-5) bullseye: resolved (fixed in 2.45-5) sid: resolved (fixed in 2.45-5) trixie: resolved (fixed in 2.45-5)

CVE-2008-4863 [MEDIUM] CVE-2008-4863: blender - Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows loca... Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function. Scope: local bookworm: resolved (fixed in 2.46+dfsg-5) bullseye: resolved (fixed in 2.46+dfsg-5) sid: resolved (fi

CVE-2008-1103 [MEDIUM] CVE-2008-1103: blender - Multiple unspecified vulnerabilities in Blender have unknown impact and attack v... Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues." Scope: local bookworm: resolved (fixed in 2.40-1) bullseye: resolved (fixed in 2.40-1) sid: resolved (fixed in 2.40-1) trixie: resolved (fixed in 2.40-1)

CVE-2007-1253 [CRITICAL] CVE-2007-1253: blender - Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender... Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file. Scope: local bookworm: resolved (fixed in 2.42a-6) bullseye: resolved (fixed in 2.42a-6) sid: resolved (fixed in 2.42a-6)

CVE-2005-3302 [HIGH] CVE-2005-3302: blender - Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers t... Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call. Scope: local bookworm: resolved (fixed in 2.37a-1) bullseye: resolved (fixed in 2.37a-1) sid: resolved (fixed in 2.37a-1) trixie: resolved (fixed in 2.37a-1)

CVE-2005-4470 [HIGH] CVE-2005-4470: blender - Heap-based buffer overflow in the get_bhead function in readfile.c in Blender Bl... Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow. Scope: l

CVE-2005-3151 [HIGH] CVE-2005-3151: blender - Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execu... Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument. Scope: local bookworm: open bullseye: open sid: open trixie: open