Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2009-3850

Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA.

  • Published: Nov 6, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-3850
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
blender / blender 2.35a 2.35a.x
blender / blender 2.49b 2.49b.x
blender / blender 2.40 2.40.x
blender / blender 2.34 2.34.x