blender
Page content
- Author: voroskoi
- Vulnerable: 2.42a-2
- Unaffected: 2.42a-3siwenna1
Secunia Research has discovered a vulnerability in Blender, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to the insecure use of the “eval()” function in kmz_ImportWithMesh.py. This can be exploited to execute arbitrary Python commands by tricking a user into importing a specially crafted “*.kml” or “*.kmz” file.
- Bug Tracker URL: http://bugs.frugalware.org/task/1778