[Bf-committers] Blender appears on the Bugtraq security list

Michael Reimpell M.Reimpell at tu-bs.de
Fri Jan 6 22:34:21 CET 2006

> Damian Put discovered that Blender did not properly validate a
> 'length' value in .blend files. Negative values led to an
> insufficiently sized memory allocation. By tricking a user into
> opening a specially crafted .blend file, this could be exploited to
> execute arbitrary code with the privileges of the Blender user.

Why the effort? An OnLoad script link in a valid .blend file is enough for that!
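
The length validation the quoted advisory describes as missing, as an added example that is not part of the original post and is not Blender's code. The block layout, `parse_block`, the `BLK_*` codes and the 64 MiB cap are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical block layout (an assumption, not Blender's real format):
 * a 4-byte little-endian length field followed by that many payload bytes. */
#define HDR_SIZE 4u
#define MAX_BLOCK (64u * 1024u * 1024u) /* arbitrary sanity cap for this example */

enum { BLK_OK = 0, BLK_TRUNCATED = -1, BLK_BAD_LENGTH = -2, BLK_NOMEM = -3 };

static uint32_t read_le32(const unsigned char *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Copies the payload into a fresh buffer only after the length has been
 * checked against the sign bit, the cap, and the bytes actually present. */
int parse_block(const unsigned char *buf, size_t buf_len,
                unsigned char **out, size_t *out_len)
{
    *out = NULL;
    *out_len = 0;
    if (buf_len < HDR_SIZE)
        return BLK_TRUNCATED;
    uint32_t len = read_le32(buf);
    if (len > INT32_MAX || len > MAX_BLOCK) /* negative as signed, or over the cap */
        return BLK_BAD_LENGTH;
    if (len > buf_len - HDR_SIZE)           /* claims more data than the file holds */
        return BLK_TRUNCATED;
    unsigned char *p = malloc(len ? len : 1);
    if (p == NULL)
        return BLK_NOMEM;
    memcpy(p, buf + HDR_SIZE, len);
    *out = p;
    *out_len = len;
    return BLK_OK;
}

int main(void)
{
    /* Constructed sample: length field 0xFFFFFFFF, i.e. -1 when read as signed. */
    const unsigned char neg[] = { 0xff, 0xff, 0xff, 0xff, 'a' };
    unsigned char *data; size_t n;
    printf("negative length -> %d\n", parse_block(neg, sizeof neg, &data, &n));
    return 0;
}
```

Reading the field as unsigned and rejecting values above `INT32_MAX` catches the negative case before any size arithmetic or allocation happens.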
