The undo save quit routine in the kernel in Blender 2.5, 2.63a, and previous versions allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
blender blender |