CVSS: 9.8EPSS: 4%CPEs: 7EXPL: 3CVE-2009-3577 – Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2009-3577
24 Nov 2009 — Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 allows remote attackers to execute arbitrary code via a .max file with a MAXScript statement that calls the DOSCommand method, related to "application callbacks." Autodesk 3D Studio Max (3DSMax) v6 hasta v9 y v2008 hasta v2010 permite a atacantes remotos ejecutar código de su elección a través de un archivo .max con una sentencia MAXScript que llama al método DOSCommand, relacionado con "application callbacks." • https://www.exploit-db.com/exploits/33272 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.4EPSS: 0%CPEs: 32EXPL: 0CVE-2005-4710
https://notcve.org/view.php?id=CVE-2005-4710
31 Dec 2005 — Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329. • http://secunia.com/advisories/18682 •