CVE-2009-3578
Published Nov 24, 2009
Last updated 6 years ago
Overview
- Description
- Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya 6.5 and 7.0 allow remote attackers to execute arbitrary code via a (1) .ma or (2) .mb file that uses the Maya Embedded Language (MEL) python command or unspecified other MEL commands, related to "Script Nodes."
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-94
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:alias_wavefront_maya:6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20859414-D768-4094-AF5F-D9A291FC64A3"
},
{
"criteria": "cpe:2.3:a:autodesk:alias_wavefront_maya:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2AFDD10-A460-444A-9976-7D273624D21A"
},
{
"criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.0:2008:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07199D2C-17B7-4E7A-AD4A-5D0FBE4642C6"
},
{
"criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.0:2009:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC5F2645-4D92-412C-841F-00D841433607"
},
{
"criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.0:2010:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA84789E-C639-435C-A6AC-922C4B968A38"
},
{
"criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.5:2008:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CE43DCB-DF17-4B90-ADBC-2DD05C6C3A18"
},
{
"criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.5:2009:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1096BD88-DC22-4228-872A-70300C6A51C9"
},
{
"criteria": "cpe:2.3:a:autodesk:autodesk_maya:8.5:2010:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FCFED79-D472-4CF4-A240-F549DB3DD600"
}
],
"operator": "OR"
}
]
}
]