Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4470

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4470
Last Modified 07 Mar 2011 09:28:21
Published 21 Dec 2005 07:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4470

Summary

Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow.

Vulnerable Systems

Application

  • Blender Blenloader 2.0

  • Blender Blenloader 2.04

  • Blender Blenloader 2.25

  • Blender Blenloader 2.26

  • Blender Blenloader 2.27

  • Blender Blenloader 2.28

  • Blender Blenloader 2.28a

  • Blender Blenloader 2.28c

  • Blender Blenloader 2.30

  • Blender Blenloader 2.31a

  • Blender Blenloader 2.32

  • Blender Blenloader 2.33

  • Blender Blenloader 2.33a

  • Blender Blenloader 2.34

  • Blender Blenloader 2.35

  • Blender Blenloader 2.37

  • Blender Blenloader 2.37a

  • Blender Blenloader 2.39

  • Blender Blenloader 2.40 Alpha

  • Blender Blenloader 2.40 Pre


References

VUPEN - ADV-2005-3032

BID - 15981

BUGTRAQ - 20051220 [Overflow.pl] Blender BlenLoader Integer Overflow

MISC - http://www.overflow.pl/adv/blenderinteger.txt

SECUNIA - 18176

UBUNTU - USN-238-2

GENTOO - GLSA-200601-08

DEBIAN - DSA-1039

SECUNIA - 19754

SECUNIA - 18452

SECUNIA - 18178


Last Updated: 27 May 2016 10:41:18