PT-2005-4113 · Blender · Blender

Joxean Koret · Published 2005-10-24 · Updated 2025-01-16 · CVE-2005-3302

CVSS v3.1: 7.3 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions

Blender version 2.36

Description

The issue allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call. This occurs in the bvh_import.py module.

Recommendations

For Blender version 2.36, consider disabling the eval function call in the bvh_import.py module as a temporary workaround until a patch is available. Restrict access to the bvh_import.py module to minimize the risk of exploitation. Avoid using the eval function with untrusted input from .bvh files until the issue is resolved.
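
The recommendation to keep eval away from .bvh input can be met by converting each numeric field of the hierarchy section with float() and rejecting anything else. The following is an added example, not Blender's code; the function names, the error class and the sample data are constructed for illustration.

```python
# Added example (not Blender's bvh_import.py): names and sample data are constructed.
import math

CHANNEL_NAMES = {a + k for a in "XYZ" for k in ("position", "rotation")}

class BVHFormatError(ValueError):
    """Raised when a HIERARCHY line is not well-formed BVH."""

def parse_number(token, lineno):
    """Convert one token with float(); the token is never evaluated as code."""
    try:
        value = float(token)
    except ValueError:
        raise BVHFormatError(f"line {lineno}: non-numeric token {token!r}") from None
    if not math.isfinite(value):  # float() also accepts 'nan' and 'inf'
        raise BVHFormatError(f"line {lineno}: non-finite value {token!r}")
    return value

def parse_hierarchy(text):
    """Return {joint: {"offset": (x, y, z), "channels": [...]}} for the HIERARCHY part."""
    joints, current = {}, None
    for lineno, line in enumerate(text.splitlines(), 1):
        key, *args = line.split() or [""]
        if key in ("", "HIERARCHY", "{", "}"):
            continue
        if key == "MOTION":  # frame data follows; out of scope here
            break
        if key in ("ROOT", "JOINT") and len(args) == 1:
            current = args[0]
            joints[current] = {"offset": None, "channels": []}
        elif key == "End" and args == ["Site"]:
            current = None  # the end-site OFFSET is validated but not stored
        elif key == "OFFSET" and len(args) == 3:
            offset = tuple(parse_number(a, lineno) for a in args)
            if current is not None:
                joints[current]["offset"] = offset
        elif (key == "CHANNELS" and current is not None and args and args[0].isdecimal()
              and int(args[0]) == len(args) - 1 and set(args[1:]) <= CHANNEL_NAMES):
            joints[current]["channels"] = args[1:]
        else:
            raise BVHFormatError(f"line {lineno}: unexpected line {line.strip()!r}")
    return joints

# Constructed sample: the second OFFSET field is an expression, not a number.
SAMPLE_BAD = "HIERARCHY\nROOT Hips\n{\n  OFFSET 0.0 1+1 0.0\n}\nMOTION\n"
SAMPLE_OK = SAMPLE_BAD.replace("1+1", "2.0")

if __name__ == "__main__":
    print(parse_hierarchy(SAMPLE_OK))
```

An eval-based reader would evaluate the 1+1 field as an expression, while this parser raises BVHFormatError on it and reports the line number.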

Exploit

Fix

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2005-3302
DSA-1039-1

Affected Products

Blender