Ubuntu Security Notice (C) 2008-2013 Canonical, Inc. / NASL script (C) 2009-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
It was discovered that Blender did not correctly handle certain
malformed Radiance RGBE images. If a user were tricked into opening a
.blend file containing a specially crafted Radiance RGBE image, an
attacker could execute arbitrary code with the user's privileges.
It was discovered that Blender did not properly sanitize the Python
search path. A local attacker could execute arbitrary code by
inserting a specially crafted Python file in the Blender working
Update the affected blender package.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 6.0
Public Exploit Available : false