1 Total Results
Displaying 1-1 of 1
Disclosure Date: April 27, 2014 (last updated February 13, 2023)
The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.