PT-2018-3110 · Blender+1 · Blender+1

Published: 2018-04-24 · Updated: 2023-02-02 · CVE-2017-12100

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Blender version 2.78c

Description: An integer overflow exists in the 'multires load old dm' functionality. The overflow leads to a buffer overflow that can enable code execution in the context of the application. The issue is triggered by a specially crafted .blend file, which an attacker must convince a user to open. The issue can be exploited remotely, potentially allowing an attacker to execute arbitrary code.

Recommendations: For Blender version 2.78c, consider avoiding the use of the 'multires load old dm' functionality until a patch is available. As a temporary workaround, restrict the opening of .blend files from untrusted sources to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration: Integer Overflow

Related Identifiers

ALT-PU-2018-1696
BDU:2019-04051
CVE-2017-12100
DLA-1465-1
DSA-4248-1
MGASA-2018-0332

Affected Products

Alt Linux
Blender