bugzilla@redhat.com
2007-May-07 17:35 UTC
[Bug 239338] New: CVE-2007-1253: blender arbitrary python code execution
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239338
Summary: CVE-2007-1253: blender arbitrary python code execution
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: medium
Priority: medium
Component: blender
AssignedTo: Jochen@herr-schmitt.de
ReportedBy: ville.skytta@iki.fi
QAContact: extras-qa@fedoraproject.org
CC: fedora-security-list@redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1253
"Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for
Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote
attackers to execute arbitrary Python code by importing a crafted (1) KML or (2)
KMZ file."
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
bugzilla@redhat.com
2007-May-08 17:10 UTC
[Bug 239338] CVE-2007-1253: blender arbitrary python code execution
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2007-1253: blender arbitrary python code execution
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239338
Jochen@herr-schmitt.de changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Resolution| |NEXTRELEASE
------- Additional Comments From Jochen@herr-schmitt.de 2007-05-08 13:09 EST
-------
I have remove the insecure script from the package.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.