New User, Welcome!     Login

3D Studio Max

CORE-2009-0909: Autodesk 3DS Max Application Callbacks Arbitrary Command Execution

3. *Vulnerability Description*

Autodesk 3D Studio Max [2] is a modeling, animation and redering
package widely used for video game , film , multimedia and web content
developement. The software provides a built-in scripting language,
allowing users to bind custome code to actions performed in the
applciation. Execution of scripting code does not require explicit
permission from the user. This mechanim can be exploited by an

SYMSA-2007-015

the Unix, Mac OS X, or Microsoft Windows operating systems.

The client provides graphical and command line tools for a large 
number of operating systems. Also available is a suite of plugins 
that integrate with various programming IDEs and third party 
applications, such as XCode, Autodesk 3D Studio Max, Alias Maya, 
Adobe Photoshop, Microsoft Office, Eclipse and Emacs.

Other features of the system include support for reporting 
(i.e. notifying users when a file has changed), branching and 
merging, and defect tracking."


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!