CVE-2009-3850

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2009-3850

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2009-3850.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2009-3850

Downstream

DEBIAN-CVE-2009-3850

UBUNTU-CVE-2009-3850

Published

2009-11-06T15:30:00Z

Modified

2026-04-10T03:40:58.285543Z

Summary

[none]

Details

Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA.

References

http://www.coresecurity.com/content/blender-scripting-injection
http://www.securityfocus.com/archive/1/507706/100/0/threaded
http://www.securityfocus.com/bid/36838

CVE-2009-3850

Affected packages