CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-3850

Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.039

EPSS Ranking 87.7%

CVSS Severity

CVSS v2 Score 9.3

References

http://www.coresecurity.com/content/blender-scripting-injection
http://www.securityfocus.com/archive/1/507706/100/0/threaded
http://www.securityfocus.com/bid/36838
http://www.coresecurity.com/content/blender-scripting-injection
http://www.securityfocus.com/archive/1/507706/100/0/threaded
http://www.securityfocus.com/bid/36838

Products affected by CVE-2009-3850

Blender » Blender » Version: 2.34

cpe:2.3:a:blender:blender:2.34
Blender » Blender » Version: 2.35a

cpe:2.3:a:blender:blender:2.35a
Blender » Blender » Version: 2.40

cpe:2.3:a:blender:blender:2.40
Blender » Blender » Version: 2.49b

cpe:2.3:a:blender:blender:2.49b

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-3850

Products

Pricing

Contact Us