CVE-2009-3578: Code Injection
First published: Tue Nov 24 2009(Updated: )
Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya 6.5 and 7.0 allow remote attackers to execute arbitrary code via a (1) .ma or (2) .mb file that uses the Maya Embedded Language (MEL) python command or unspecified other MEL commands, related to "Script Nodes."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autodesk Autodesk Maya | =8.5-2008 | |
| Autodesk Autodesk Maya | =8.0-2010 | |
| Autodesk Autodesk Maya | =8.0-2009 | |
| Autodesk Autodesk Maya | =8.5-2009 | |
| Autodesk Autodesk Maya | =8.5-2010 | |
| Autodesk Autodesk Maya | =8.0-2008 | |
| Autodesk Alias Wavefront Maya | =7.0 | |
| Autodesk Alias Wavefront Maya | =6.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/autodesk
- canonical/autodesk autodesk maya
- version/autodesk autodesk maya/8.5-2008
- version/autodesk autodesk maya/8.0-2010
- version/autodesk autodesk maya/8.0-2009
- version/autodesk autodesk maya/8.5-2009
- version/autodesk autodesk maya/8.5-2010
- version/autodesk autodesk maya/8.0-2008
- canonical/autodesk alias wavefront maya
- version/autodesk alias wavefront maya/7.0
- version/autodesk alias wavefront maya/6.5