2 results (0.013 seconds)

CVSS: 9.3EPSS: 3%CPEs: 7EXPL: 3

Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 allows remote attackers to execute arbitrary code via a .max file with a MAXScript statement that calls the DOSCommand method, related to "application callbacks." Autodesk 3D Studio Max (3DSMax) v6 hasta v9 y v2008 hasta v2010 permite a atacantes remotos ejecutar código de su elección a través de un archivo .max con una sentencia MAXScript que llama al método DOSCommand, relacionado con "application callbacks." • https://www.exploit-db.com/exploits/33272 http://securitytracker.com/id?1023230 http://www.coresecurity.com/content/3dsmax-arbitrary-command-execution http://www.securityfocus.com/archive/1/508012/100/0/threaded http://www.securityfocus.com/bid/36634 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 4.6EPSS: 0%CPEs: 32EXPL: 0

Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329. • http://secunia.com/advisories/18682 http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232 http://www.securityfocus.com/bid/16472 https://exchange.xforce.ibmcloud.com/vulnerabilities/24460 •