Unrated severityNVD Advisory· Published Nov 24, 2009· Updated Jun 16, 2026
CVE-2009-3576
CVE-2009-3576
Description
Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to execute arbitrary JavaScript code via a scene package containing a Scene Table of Contents (aka .scntoc) file with a Script_Content element, as demonstrated by code that loads the WScript.Shell ActiveX control.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- cpe:2.3:a:autodesk:autodesk_softimage_xsi:6.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.