summaryrefslogtreecommitdiffstats
path: root/data/DTSA
diff options
context:
space:
mode:
authorNeil McGovern <neilm@debian.org>2006-06-14 13:58:26 +0000
committerNeil McGovern <neilm@debian.org>2006-06-14 13:58:26 +0000
commita00b66684f097c4931a156b10173e03134518f64 (patch)
tree404ff66973db96002984f9777487454a07b3e849 /data/DTSA
parent8795d21eeb7592b4a382d4fd570bcc07938aac1d (diff)
Adding new Blender dtsa
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4208 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/DTSA')
-rw-r--r--data/DTSA/advs/29-blender.adv19
-rw-r--r--data/DTSA/list4
2 files changed, 23 insertions, 0 deletions
diff --git a/data/DTSA/advs/29-blender.adv b/data/DTSA/advs/29-blender.adv
new file mode 100644
index 0000000000..136d299218
--- /dev/null
+++ b/data/DTSA/advs/29-blender.adv
@@ -0,0 +1,19 @@
+source: Blender
+date: June 15th, 2006
+author: Neil McGovern
+vuln-type: heap-based buffer overflow
+problem-scope: remote
+debian-specifc: no
+cve: CVE-2005-4470
+testing-fix: 2.37a-1.1etch1
+sid-fix: 2.40-1
+upgrade: apt-get install blender
+
+A heap-based buffer overflow vulnerability was discovered by Damian Put in
+Blender BlenLoader 2.0 through 2.40pre which allows remote attackers to cause a
+denial of service (application crash) and possibly execute arbitrary code via a
+.blend file with a negative bhead.len value, which causes less memory to be
+allocated than expected, possibly due to an integer overflow.
+
+Please note, this issue has already been fixed in stable in security
+announcement DSA-1039-1
diff --git a/data/DTSA/list b/data/DTSA/list
index 8f9e5044f5..d757db3f37 100644
--- a/data/DTSA/list
+++ b/data/DTSA/list
@@ -78,3 +78,7 @@
[January 25th, 2005] DTSA-28-1 gpdf - multiple vulnerabilities
{CVE-2005-2097 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628 }
- gpdf 2.10.0-1+etch1
+[June 15th, 2006] DTSA-29-1 Blender - heap-based buffer overflow
+ {CVE-2005-4470 }
+ - Blender 2.37a-1.1etch1
+ TODO: unreleased

© 2014-2024 Faster IT GmbH | imprint | privacy policy