Lucene search
PRIOn knowledge basePRION:CVE-2017-2904HistoryApr 24, 2018 - 7:29 p.m.
Integer overflow
2018-04-2419:29:00
PRIOn knowledge base
www.prio-n.com
2
0.002 Low
EPSS
Percentile
57.5%
An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted ‘.hdr’ file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| blender | eq | 2.78.99 | |
| debian_linux | eq | 8.0 | |
| debian_linux | eq | 9.0 |
Related
talos
talos
Blender Sequencer imb_loadhdr Integer Overflow Code Execution Vulnerability
2018-01-11 00:00:00
nvd
nvd
CVE-2017-2904
2018-04-24 19:29:03
debiancve
debiancve
CVE-2017-2904
2018-04-24 19:29:03
osv
osv
CVE-2017-2904
2018-04-24 19:29:03
blender - security update
2018-08-13 00:00:00
blender - security update
2018-07-17 00:00:00
cve
cve
CVE-2017-2904
2018-04-24 19:29:03
ubuntucve
ubuntucve
CVE-2017-2904
2018-04-24 00:00:00
cvelist
cvelist
CVE-2017-2904
2018-01-11 00:00:00
nessus
nessus
Debian DLA-1465-1 : blender security update
2018-08-15 00:00:00
Debian DSA-4248-1 : blender - security update
2018-07-18 00:00:00
mageia
mageia
Updated blender packages fix security vulnerabilities
2018-08-10 17:37:39
debian
debian
[SECURITY] [DSA 4248-1] blender security update
2018-07-17 20:36:50
[SECURITY] [DLA 1465-1] blender security update
2018-08-13 11:08:55
openvas
openvas
Mageia: Security Advisory (MGASA-2018-0332)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-4248-1)
2018-07-16 00:00:00
Debian: Security Advisory (DLA-1465-1)
2018-08-13 00:00:00