CVE-2017-12103

Name of the Vulnerable Software and Affected Versions Blender version 2.78c

Description An integer overflow exists in the way Blender converts text rendered as a font into a curve, allowing for a buffer overflow that can enable code execution under the context of the application. This can be triggered by a specially crafted .blend file, which an attacker can convince a user to open or use as a library.

Recommendations For version 2.78c, consider avoiding the use of specially crafted .blend files until a patch is available. As a temporary workaround, restrict the use of .blend files from untrusted sources to minimize the risk of exploitation.