N/A

Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to execute arbitrary JavaScript code via a scene package containing a Scene Table of Contents (aka .scntoc) file with a Script_Content element, as demonstrated by code that loads the WScript.Shell ActiveX control.

N/A

N/A

Autodesk SoftImage Scene TOC文件处理远程代码执行漏洞

Autodesk Softimage是用于生成3D图形、3D模型和动画的图形应用程序。 Autodesk Softimage和Softimage XSI 存在Scene TOC文件处理远程代码执行漏洞。远程攻击者可以借助一个包含Scene TOC文件（包含Script_Content元素）的Scene包，执行任意JavaScript代码。

N/A

N/A