Vulnerabilities > Autodesk
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-11-24 | CVE-2009-3576 | Code Injection vulnerability in Autodesk Softimage and Autodesk Softimage XSI Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to execute arbitrary JavaScript code via a scene package containing a Scene Table of Contents (aka .scntoc) file with a Script_Content element, as demonstrated by code that loads the WScript.Shell ActiveX control. | 9.3 |
2008-10-07 | CVE-2008-4472 | Permissions, Privileges, and Access Controls vulnerability in Autodesk Design Review, DWF Viewer and Revit Architecture The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method. | 9.3 |
2008-10-07 | CVE-2008-4471 | Path Traversal vulnerability in Autodesk Design Review, DWF Viewer and Revit Architecture Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the argument to the SaveAS method. | 9.3 |
2007-09-14 | CVE-2007-4749 | Configuration vulnerability in Autodesk Backburner 3.0.2 The cmdjob utility in Autodesk Backburner 3.0.2 allows remote attackers to execute arbitrary commands on render servers by queueing jobs that contain these commands. | 6.8 |
2005-12-31 | CVE-2005-4710 | Products Remote Unauthorized Access vulnerability in Autodesk Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329. | 4.6 |