NuytsTech Security

CVE-2010-5105

by ·

The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.

Date published : 2014-04-27

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584621

https://developer.blender.org/T22509

Tags: