Integer Overflow Vulnerability in Blender Open-Source 3D Creation Suite
CVE-2017-12086
8.8HIGH
What is CVE-2017-12086?
An integer overflow vulnerability exists in Blender's 'BKE_mesh_calc_normals_tessface' functionality. This flaw allows attackers to create specially crafted .blend files that, when opened, can trigger a buffer overflow leading to potential arbitrary code execution within the application context. Users may unknowingly be targeted by receiving a malicious .blend file, which, upon opening, can exploit this vulnerability.
Affected Version(s)
Blender v2.78c
