Author: neilm Date: 2006-06-14 13:58:26 +0000 (Wed, 14 Jun 2006) New Revision: 4208 Added: data/DTSA/advs/29-blender.adv Modified: data/DTSA/list Log: Adding new Blender dtsa Added: data/DTSA/advs/29-blender.adv ==================================================================--- data/DTSA/advs/29-blender.adv 2006-06-14 09:14:26 UTC (rev 4207) +++ data/DTSA/advs/29-blender.adv 2006-06-14 13:58:26 UTC (rev 4208) @@ -0,0 +1,19 @@ +source: Blender +date: June 15th, 2006 +author: Neil McGovern +vuln-type: heap-based buffer overflow +problem-scope: remote +debian-specifc: no +cve: CVE-2005-4470 +testing-fix: 2.37a-1.1etch1 +sid-fix: 2.40-1 +upgrade: apt-get install blender + +A heap-based buffer overflow vulnerability was discovered by Damian Put in +Blender BlenLoader 2.0 through 2.40pre which allows remote attackers to cause a +denial of service (application crash) and possibly execute arbitrary code via a +.blend file with a negative bhead.len value, which causes less memory to be +allocated than expected, possibly due to an integer overflow. + +Please note, this issue has already been fixed in stable in security +announcement DSA-1039-1 Modified: data/DTSA/list ==================================================================--- data/DTSA/list 2006-06-14 09:14:26 UTC (rev 4207) +++ data/DTSA/list 2006-06-14 13:58:26 UTC (rev 4208) @@ -78,3 +78,7 @@ [January 25th, 2005] DTSA-28-1 gpdf - multiple vulnerabilities {CVE-2005-2097 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628 } - gpdf 2.10.0-1+etch1 +[June 15th, 2006] DTSA-29-1 Blender - heap-based buffer overflow + {CVE-2005-4470 } + - Blender 2.37a-1.1etch1 + TODO: unreleased