CVE-2005-4470

Publication date 22 December 2005

Last updated 17 July 2025

Ubuntu priority

Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
blender	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-238-2
Blender vulnerability
6 January 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2005-4470