Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2009-3576

Published: 24/11/2009 Updated: 10/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 940
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Autodesk Softimage

Vulnerability Summary

Autodesk Softimage 7.x and Softimage XSI 6.x allow remote malicious users to execute arbitrary JavaScript code via a scene package containing a Scene Table of Contents (aka .scntoc) file with a Script_Content element, as demonstrated by code that loads the WScript.Shell ActiveX control.

Vulnerable Product Search on Vulmon Subscribe to Product

autodesk autodesk softimage 7.0

autodesk autodesk softimage xsi 6.0

Exploits

Exploit DB: Autodesk SoftImage 7.0 Scene - '.TOC' File Remote Code Execution
source: wwwsecurityfocuscom/bid/36637/info Autodesk Softimage is prone to a remote code-execution vulnerability Successful exploits will allow attackers to execute arbitrary code within the context of the affected application Failed exploit attempts will result in a denial-of-service condition <PostLoadScript> <Langua ...
Exploit DB: Autodesk SoftImage Scene TOC - Arbitrary Command Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory wwwcoresecuritycom/corelabs/ Autodesk SoftImage Scene TOC Arbitrary Command Execution 1 *Advisory Information* Title: Autodesk SoftImage Scene TOC Arbitrary Command Execution Advisory Id: CORE-2009-0908 Advisory URL: http:/ ...

References

CWE-94http://www.coresecurity.com/content/softimage-arbitrary-command-executionhttp://securitytracker.com/id?1023229http://www.securityfocus.com/bid/36637http://www.securityfocus.com/archive/1/508011/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/33273/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook