Published: 24/11/2009 Updated: 10/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 allows remote malicious users to execute arbitrary code via a .max file with a MAXScript statement that calls the DOSCommand method, related to "application callbacks."

Vulnerable Product	Search on Vulmon	Subscribe to Product
autodesk 3ds max 2010
autodesk 3ds max 2008
autodesk 3ds max 2009
autodesk 3ds max 6
autodesk 3ds max 7
autodesk 3ds max 8
autodesk 3ds max 9

source: wwwsecurityfocuscom/bid/36634/info Autodesk 3ds Max is prone to a vulnerability that lets attackers execute arbitrary commands in the context of the vulnerable application This issue affects the following: 3ds Max 6 through 9 3ds Max 2008 through 2010 Other versions may also be vulnerable The following proof-of-concept code ...

CWE-94 http://securitytracker.com/id?1023230 http://www.securityfocus.com/bid/36634 http://www.coresecurity.com/content/3dsmax-arbitrary-command-execution http://www.securityfocus.com/archive/1/508012/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/33272/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-3577

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect