[Bug 319501] [NEW] [CVE-2008-4863] - Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code

Stefan Lesicnik Wed, 21 Jan 2009 00:05:21 -0800

*** This bug is a security vulnerability ***

Public security bug reported:


Binary package hint: blender

CVE 2008-4863

Untrusted search path vulnerability in BPY_interface in Blender 2.46
allows local users to execute arbitrary code via a Trojan horse Python
file in the current working directory, related to an erroneous setting
of sys.path by the PySys_SetArgv function.

** Affects: blender (Ubuntu)
     Importance: Undecided
         Status: New

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-4863

** Visibility changed to: Public

-- 
[CVE-2008-4863] - Untrusted search path vulnerability in BPY_interface in 
Blender 2.46 allows local users to execute arbitrary code
https://bugs.launchpad.net/bugs/319501
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 319501] [NEW] [CVE-2008-4863] - Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code

Reply via email to