Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 up to and including 2.40pre allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
blender blenloader 2.27 |
||
blender blenloader 2.28 |
||
blender blenloader 2.28a |
||
blender blenloader 2.34 |
||
blender blenloader 2.35 |
||
blender blenloader 2.25 |
||
blender blenloader 2.26 |
||
blender blenloader 2.33 |
||
blender blenloader 2.33a |
||
blender blenloader |
||
blender blenloader 2.0 |
||
blender blenloader 2.04 |
||
blender blenloader 2.31a |
||
blender blenloader 2.32 |
||
blender blenloader 2.39 |
||
blender blenloader 2.40_alpha |
||
blender blenloader 2.28c |
||
blender blenloader 2.30 |
||
blender blenloader 2.37 |
||
blender blenloader 2.37a |