Lucene search
GoogleOSV:CVE-2017-2901HistoryApr 24, 2018 - 7:29 p.m.
CVE-2017-2901
2018-04-2419:29:03
Google
osv.dev
3
EPSS
0.002
Percentile
57.4%
An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted ‘.iris’ file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability.
Related
debiancve
debiancve
CVE-2017-2901
2018-04-24 19:29:03
ubuntucve
ubuntucve
CVE-2017-2901
2018-04-24 00:00:00
talos
talos
Blender Sequencer imb_loadiris Integer Overflow Code Execution Vulnerability
2018-01-11 00:00:00
cve
cve
CVE-2017-2901
2018-04-24 19:29:03
prion
prion
Integer overflow
2018-04-24 19:29:00
cvelist
cvelist
CVE-2017-2901
2018-04-24 19:00:00
nvd
nvd
CVE-2017-2901
2018-04-24 19:29:03
osv
osv
blender - security update
2018-07-17 00:00:00
blender - security update
2018-08-13 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4248-1)
2018-07-16 00:00:00
Debian: Security Advisory (DLA-1465-1)
2018-08-13 00:00:00
Mageia: Security Advisory (MGASA-2018-0332)
2022-01-28 00:00:00
debian
debian
[SECURITY] [DLA 1465-1] blender security update
2018-08-13 11:08:55
[SECURITY] [DSA 4248-1] blender security update
2018-07-17 20:36:50
nessus
nessus
Debian DLA-1465-1 : blender security update
2018-08-15 00:00:00
Debian DSA-4248-1 : blender - security update
2018-07-18 00:00:00
mageia
mageia
Updated blender packages fix security vulnerabilities
2018-08-10 17:37:39