[CVE-2008-1102] Blender imb_loadhdr() buffer overflow
Bug #222592 reported by
Till Ulen
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Gentoo Linux |
Fix Released
|
Medium
|
|||
blender (Debian) |
Fix Released
|
Unknown
|
|||
blender (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Dapper |
Fix Released
|
Undecided
|
Unassigned | ||
Gutsy |
Fix Released
|
Undecided
|
Unassigned | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned | ||
Intrepid |
Invalid
|
Undecided
|
Unassigned | ||
Jaunty |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: blender
CVE-2008-1102 description:
"Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote attackers to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image."
http://
http://
Changed in blender: | |
status: | New → Triaged |
Changed in blender: | |
status: | Unknown → Fix Released |
Changed in blender: | |
importance: | High → Undecided |
Changed in gentoo: | |
importance: | Unknown → Medium |
Changed in gentoo: | |
status: | Confirmed → Unknown |
Changed in gentoo: | |
status: | Unknown → Fix Released |
To post a comment you must log in.
Secunia Research has discovered a vulnerability in Blender, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error within the "imb_loadhdr()" function in source/ blender/ imbuf/intern/ radiance_ hdr.c, which can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted Blender (*.blend) file containing a malicious Radiance RGBE image.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 2.45. Other versions may also be affected.
Solution:
Fixed in the SVN repository.