CVE-2009-3578

Published Nov 24, 2009

Last updated 6 years ago

CVSS info 9.3

Overview

Description: Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya 6.5 and 7.0 allow remote attackers to execute arbitrary code via a (1) .ma or (2) .mb file that uses the Maya Embedded Language (MEL) python command or unspecified other MEL commands, related to "Script Nodes."
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:alias_wavefront_maya:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20859414-D768-4094-AF5F-D9A291FC64A3"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:alias_wavefront_maya:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2AFDD10-A460-444A-9976-7D273624D21A"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.0:2008:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07199D2C-17B7-4E7A-AD4A-5D0FBE4642C6"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.0:2009:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC5F2645-4D92-412C-841F-00D841433607"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.0:2010:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA84789E-C639-435C-A6AC-922C4B968A38"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.5:2008:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CE43DCB-DF17-4B90-ADBC-2DD05C6C3A18"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.5:2009:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1096BD88-DC22-4228-872A-70300C6A51C9"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.5:2010:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FCFED79-D472-4CF4-A240-F549DB3DD600"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References