CVE-2009-3576
CVE-2009-3576 · HIGH Severity
AV:N/AC:M/AU:N/C:C/I:C/A:C
Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to execute arbitrary JavaScript code via a scene package containing a Scene Table of Contents (aka .scntoc) file with a Script_Content element, as demonstrated by code that loads the WScript.Shell ActiveX control.
Learn more about our Web Application Penetration Testing UK.