|Summary:||media-gfx/blender KML/KMZ Import Command Injection Vulnerability|
|Product:||Gentoo Security||Reporter:||Executioner <keith>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
|Whiteboard:||B2 [glsa] Executioner|
|Package list:||Runtime testing required:||---|
|Bug Depends on:||167694|
Description Executioner 2007-03-01 17:01:36 UTC
Secunia Research has discovered a vulnerability in Blender, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the insecure use of the "eval()" function in kmz_ImportWithMesh.py. This can be exploited to execute arbitrary Python commands by tricking a user into importing a specially crafted "*.kml" or "*.kmz" file. The vulnerability is confirmed in version 2.42a. Prior versions may also be affected. Solution: Update to version 2.43, which no longer includes the affected script. Reproducible: Didn't try http://secunia.com/advisories/24232/
Comment 1 Jakub Moc (RETIRED) 2007-03-01 17:10:11 UTC
(In reply to comment #0) > Solution: > Update to version 2.43, which no longer includes the affected script. blender-2.43 is broken (see Bug 167694); not really a solution.
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) 2007-03-25 07:25:52 UTC
graphics any news on this one?
Comment 3 Raphael Marichez (Falco) (RETIRED) 2007-04-09 18:47:59 UTC
graphics team please advise. If it's such a mess, then we'll have to mask it. It's about code injection, it's serious.
Comment 4 Luca Barbato 2007-04-09 18:52:39 UTC
I'm adding right now blender, people with amd64 please check it... (give me 1h to reshape the ebuild...)
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) 2007-04-11 10:00:18 UTC
Luca, any news on this one?
Comment 6 Luca Barbato 2007-04-11 10:58:18 UTC
I still need somebody with amd64 to test the ebuild. the ebuild is in portage but masked because of that.
Comment 7 Sune Kloppenborg Jeppesen (RETIRED) 2007-04-11 11:20:33 UTC
Ahh no update to Changelog. Maybe just call amd64 to test?
Comment 8 Luca Barbato 2007-04-11 11:59:34 UTC
Should do. amd64 team please test blender-2.43
Comment 9 Peter Weller (RETIRED) 2007-04-12 07:57:32 UTC
Tested on amd64 and removed from package.mask
Comment 10 Luca Barbato 2007-04-12 08:13:49 UTC
I guess we could ask for stabilization then ^^
Comment 11 Sune Kloppenborg Jeppesen (RETIRED) 2007-04-12 09:18:39 UTC
Thx. Arches please test and mark stable. Target keywords are: blender-2.43.ebuild:KEYWORDS="amd64 ppc ppc64 ~sparc x86"
Comment 12 Peter Weller (RETIRED) 2007-04-12 10:28:34 UTC
Comment 13 Raúl Porcel (RETIRED) 2007-04-12 11:42:41 UTC
Comment 14 Markus Rothe (RETIRED) 2007-04-15 18:38:18 UTC
Comment 15 Tobias Scherbaum (RETIRED) 2007-04-17 17:25:02 UTC
Comment 16 Sune Kloppenborg Jeppesen (RETIRED) 2007-05-02 12:06:52 UTC