CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-2907 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-2907
24 Apr 2018 — An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset in order to trigger this vulnerability. Existe un desbordamiento de enteros explotable en la funcionalidad de reproducción de animaciones de la suit... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-2908 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-2908
24 Apr 2018 — An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to render the thumbnail for the file while in the File->Open dialog. Existe un desbordamiento de enteros explotable en la funcionalidad de miniaturas de la suite de código abierto de c... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-2918 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-2918
24 Apr 2018 — An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. Existe un desbordamiento de enteros explotable en la funcionalidad de carga de imágenes de la suite de códi... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •