CVE-2009-3576

CVE-2009-3576 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to execute arbitrary JavaScript code via a scene package containing a Scene Table of Contents (aka .scntoc) file with a Script_Content element, as demonstrated by code that loads the WScript.Shell ActiveX control.

Learn more about our Web Application Penetration Testing UK.