CVE-2009-3850

Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:blender:blender:2.34:*:*:*:*:*:*:*
cpe:2.3:a:blender:blender:2.35a:*:*:*:*:*:*:*
cpe:2.3:a:blender:blender:2.40:*:*:*:*:*:*:*
cpe:2.3:a:blender:blender:2.49b:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-11-06 15:30

Updated : 2024-02-04 17:33


NVD link : CVE-2009-3850

Mitre link : CVE-2009-3850

CVE.ORG link : CVE-2009-3850


JSON object : View

Products Affected

blender

  • blender
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')