CVE-2008-1103 : Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issue

Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues."

Published 2008-04-28 20:05:00

Updated 2017-08-08 01:29:53

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2008-1103

Probability of exploitation activity in the next 30 days: 0.24%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 61 % EPSS Score History EPSS FAQ

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.9	MEDIUM	AV:L/AC:M/Au:N/C:C/I:C/A:C	3.4	10.0	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Assigned by: nvd@nist.gov (Primary)