Secunia Research has discovered a vulnerability in Blender, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error within the "imb_loadhdr()" function in source/blender/imbuf/intern/radiance_hdr.c, which can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted Blender (*.blend) file containing a malicious Radiance RGBE image.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 2.45. Other versions may also be affected.
Secunia Research has discovered a vulnerability in Blender, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error within the "imb_loadhdr()" function in source/ blender/ imbuf/intern/ radiance_ hdr.c, which can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted Blender (*.blend) file containing a malicious Radiance RGBE image.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 2.45. Other versions may also be affected.
Solution:
Fixed in the SVN repository.