CVE-2005-4470

Publication date 22 December 2005

Last updated 24 July 2024


Ubuntu priority

Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
blender 7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Not affected

References

Related Ubuntu Security Notices (USN)

    • USN-238-2
    • Blender vulnerability
    • 6 January 2006

Other references