Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2005-3302 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2005-3302

CVE-2005-3302

HIGH7.3

Eval injection vulnerability in bvh_import

Published Oct 24, 2005

Modified 1 years ago

Details

Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call.

References

WEBhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330895 ADVISORYhttp://secunia.com/advisories/19754 ADVISORYhttp://www.debian.org/security/2006/dsa-1039 WEBhttp://www.securityfocus.com/bid/17663 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2005-3302

CVSS Analysis

CVSS v3.1

7.3

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

LowC:L

Integrity

LowI:L

Availability

LowA:L

7.3/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Ecosystems

Timeline

PublishedOct 24, 2005

ModifiedJan 16, 2025