English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 126339 CVE descriptions
and 74190 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

==========================================================Ubuntu Security Notice USN-238-2    January 06, 2006
blender vulnerability
CVE-2005-4470
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

blender

The problem can be corrected by upgrading the affected package to
version 2.37a-1ubuntu1.1.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

The original advisory in USN-238-1 accidentially contained a wrong CVE
number and advisory text. We apologize for this error.

Details follow:

Damian Put discovered that Blender did not properly validate a
'length' value in .blend files. Negative values led to an
insufficiently sized memory allocation. By tricking a user into
opening a specially crafted .blend file, this could be exploited to
execute arbitrary code with the privileges of the Blender user.

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/b/blender/blender_2.37a-1ubuntu1.1.diff.gz
      Size/MD5:    11607 282c2bc853abdd9fcadeb94fd42d293f
    http://security.ubuntu.com/ubuntu/pool/main/b/blender/blender_2.37a-1ubuntu1.1.dsc
      Size/MD5:      759 f6d6c5fe8bba50202cb60db85a1f3240
    http://security.ubuntu.com/ubuntu/pool/main/b/blender/blender_2.37a.orig.tar.gz
      Size/MD5:  7885589 2af6afdb01c1d297c43602982d9a919c

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/b/blender/blender_2.37a-1ubuntu1.1_amd64.deb
      Size/MD5:  4791610 926553266642bd9f625e1b27dccd23ff

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/b/blender/blender_2.37a-1ubuntu1.1_i386.deb
      Size/MD5:  4113452 ee9f2a301ed054d9c56dd2412757465b

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/b/blender/blender_2.37a-1ubuntu1.1_powerpc.deb
      Size/MD5:  4641056 8b75ee14b6ce089d7172c88343a1b821

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.