← back
CVE-2005-3302

CVE-2005-3302

CVSS 7.3 HIGHEPSS 3.9%CWE-94
Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/27728unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330895http://secunia.com/advisories/19754http://www.debian.org/security/2006/dsa-1039http://www.securityfocus.com/bid/17663