mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
852 B
852 B
CVE-2009-3576
Description
Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to execute arbitrary JavaScript code via a scene package containing a Scene Table of Contents (aka .scntoc) file with a Script_Content element, as demonstrated by code that loads the WScript.Shell ActiveX control.
POC
Reference
- http://www.coresecurity.com/content/softimage-arbitrary-command-execution
- http://www.coresecurity.com/content/softimage-arbitrary-command-execution
Github
No PoCs found on GitHub currently.