Integer Overflow Vulnerability in Blender's Thumbnail Functionality
CVE-2017-2908
7.5HIGH
What is CVE-2017-2908?
An integer overflow vulnerability exists in the thumbnail functionality of Blender, a popular open-source 3D creation suite. When a specially crafted .blend file is processed, this vulnerability can lead to a buffer overflow, allowing an attacker to execute arbitrary code in the context of the application. By convincing the user to render the thumbnail through the File->Open dialog, an attacker can exploit this flaw, potentially compromising the user's system.
Affected Version(s)
Blender v2.78c
