Description: User Mode Write AV
Short Description: WriteAV
Exploitability Classification: EXPLOITABLE
Recommended Bug Title: Exploitable - User Mode Write AV starting at
blender!PyInit_aud+0x00000000003a56cc (Hash=0x23420309.0x667c4642)
User mode write access violations that are not near NULL are exploitable.
POC Files
=======
Attachments: http://projects.blender.org/tracker/index.php?func=detail&aid=32653&group_id=9&atid=498
Vendor Acknowledged
=========
http://projects.blender.org/tracker/index.php?func=detail&aid=32653&group_id=9&atid=498
Vendor Response
========
We don't care.
They do not intend to fix this bug or any other security bug. It only
took about 30 minutes to find all of these with a small amount of seed
files (around 10) using FOE2.