CVE-2010-5105

The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.
Configurations

Configuration 1 (hide)

cpe:2.3:a:blender:blender:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-04-27 20:55

Updated : 2024-02-04 18:35


NVD link : CVE-2010-5105

Mitre link : CVE-2010-5105

CVE.ORG link : CVE-2010-5105


JSON object : View

Products Affected

blender

  • blender
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')