CVE-2017-12102

Name of the Vulnerable Software and Affected Versions Blender version 2.78c

Description The issue is related to errors when converting curves to polygons, leading to an integer overflow. A specially crafted .blend file can cause this overflow, resulting in a buffer overflow that can allow for code execution under the context of the application. An attacker can trigger this issue by convincing a user to open the malicious file or use it as a library.

Recommendations For Blender version 2.78c, consider avoiding the use of curve to polygon conversion functionality until a patch is available. As a temporary workaround, restrict the opening of .blend files from untrusted sources to minimize the risk of exploitation.