Integer Overflow Vulnerability in Blender Open-Source 3D Creation Suite
CVE-2017-2907
8.8HIGH
What is CVE-2017-2907?
An integer overflow vulnerability exists in the animation playing functionality of Blender, specifically in version 2.78c. This flaw can be exploited through a specially crafted '.avi' file that may trigger the overflow, potentially leading to a buffer overflow condition. If successfully executed, this could allow an attacker to execute arbitrary code within the application's context. Users may unknowingly be convinced to utilize the malicious file as an asset, thereby exposing their systems to risks.
Affected Version(s)
Blender v2.78c
