Family: Ubuntu Local Security Checks --> Category: infos
USN238-2 : blender vulnerability Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
The remote package "blender" is missing a security patch.
Damian Put discovered that Blender did not properly validate a
'length' value in .blend files. Negative values led to an
insufficiently sized memory allocation. By tricking a user into
opening a specially crafted .blend file, this could be exploited to
execute arbitrary code with the rights of the Blender user.
Upgrade to :
- blender-2.37a-1ubuntu1.1 (Ubuntu 5.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.