Bug#332413: CAN-2005-3151: Bufferoverflow in blenderplayer arg parsing

2012-05-14 Thread Dan McGrath
Well, I did some testing (on Ubuntu 12.04, but with multiple versions of blenderplayer) and thought I would add to the report a bit. Personally, I think this might be gone, but I will leave this up to you guys. Here is what I found in some tests with the exploit code. Looking at the shell code, i

Bug#332413: CAN-2005-3151: Bufferoverflow in blenderplayer arg parsing

2006-12-26 Thread Cyril Brulebois
Moritz Muehlenhoff <[EMAIL PROTECTED]> (12/09/2006):
> is this resolved in current Blender releases? It's only exploitable in
> rare corner cases, but still it would be nice to have it fixed in
> Etch.
Hi,
I tried to reproduce this exploit on both sarge and sid (with blender 2.36 and 2.42 respect

Bug#332413: CAN-2005-3151: Bufferoverflow in blenderplayer arg parsing

2006-09-11 Thread Moritz Muehlenhoff
Moritz Muehlenhoff wrote:
> Package: blender
> Version: 2.37a-1
> Severity: normal
> Tags: security
>
> A buffer overflow has been found in the args parsing of blenderplayer.
> This is a minor security problem, as it would need to trick someone
> into playing a file with really quite noticeably man

Bug#332413: CAN-2005-3151: Bufferoverflow in blenderplayer arg parsing

2005-10-06 Thread Moritz Muehlenhoff
Package: blender
Version: 2.37a-1
Severity: normal
Tags: security
A buffer overflow has been found in the args parsing of blenderplayer. This is a minor security problem, as it would need to trick someone into playing a file with really quite noticeably manipulated file names, but has been assigned