CVE-2005-4470

Name of the Vulnerable Software and Affected Versions Blender BlenLoader versions 2.0 through 2.40pre

Description The issue is related to a heap-based buffer overflow in the get bhead function, which can be triggered by a .blend file containing a negative bhead.len value. This causes less memory to be allocated than expected, potentially due to an integer overflow, allowing remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.

Recommendations For versions 2.0 through 2.40pre, consider avoiding the use of .blend files with negative bhead.len values until a patch is available. As a temporary workaround, restrict the opening of untrusted .blend files to minimize the risk of exploitation.