Integer Overflow Vulnerability in Blender Open-Source 3D Creation Suite
CVE-2017-2902
8.8HIGH
What is CVE-2017-2902?
An integer overflow vulnerability exists in the DPX loading functionality of Blender, an open-source 3D creation suite. This flaw can be exploited using a specially crafted '.cin' file. When a user utilizes this file as an asset through the sequencer, it may lead to a buffer overflow condition, allowing attackers to execute arbitrary code within the context of the application. Proper user awareness and software updates are essential to mitigate the risks associated with this vulnerability.
Affected Version(s)
Blender v2.78c
