User: Password:
Subscribe / Log in / New account

blender: embedded code execution

Package(s):blender CVE #(s):CVE-2009-3850
Created:July 13, 2011 Updated:October 31, 2012
Description: Back in 2009, it was reported that arbitrary Python code could be embedded in .blend files; that code would then be executed by the blender application. It is, thus, a remote code execution bug exploitable by a malicious .blend file. As of this writing, the vulnerability is still not fully fixed upstream; see this analysis by Sebastian Pipping for lots of details.
Gentoo 201311-07 blender 2013-11-13
Mageia MGASA-2012-0319 blender 2012-10-30
Fedora FEDORA-2011-8424 blender 2011-06-21
Fedora FEDORA-2011-8474 blender 2011-06-21

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds