2 matches found
Blender Sequencer imb_load_dpx_cineon Integer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .cin file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...
CVE-2017-2890
The CVE-2017-2890 vulnerability affects Circle with Disney devices running firmware 2.0.1. The /api/CONFIG/restore endpoint is exploitable: the server builds a shell command using the user-supplied appid parameter without sanitization, leading to OS command injection when an authenticated user in...