Integer Overflow Vulnerability in Blender Open-Source 3D Creation Suite
CVE-2017-12105
8.8HIGH
What is CVE-2017-12105?
An integer overflow issue exists in Blender's open-source 3D creation suite, specifically in version 2.78c. This flaw arises when applying a certain object modifier to a Mesh. When a specially crafted .blend file is processed, it can trigger an integer overflow leading to a buffer overflow condition. This may facilitate unauthorized code execution within the application context. Attackers can exploit this vulnerability by persuading users to open a malicious .blend file, thereby compromising their system security.
Affected Version(s)
Blender v2.78c (32-bit)
