CVE-2017-2918

Name of the Vulnerable Software and Affected Versions Blender version 2.78c

Description The issue is caused by an integer overflow in the image loading module. This can be exploited by using a specially crafted .blend file, potentially allowing an attacker to execute arbitrary code under the context of the application. An attacker can trigger this issue by convincing a user to open the malicious file or use it as a library.

Recommendations For version 2.78c, consider avoiding the use of untrusted .blend files until a patch is available. As a temporary workaround, restrict the use of the image loading functionality to minimize the risk of exploitation.