Unrated severityNVD Advisory· Published Nov 24, 2009· Updated Apr 23, 2026

CVE-2009-3578

Description

Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya 6.5 and 7.0 allow remote attackers to execute arbitrary code via a (1) .ma or (2) .mb file that uses the Maya Embedded Language (MEL) python command or unspecified other MEL commands, related to "Script Nodes."

Affected products

Autodesk/Alias Wavefront Maya2 versions
cpe:2.3:a:autodesk:alias_wavefront_maya:6.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:autodesk:alias_wavefront_maya:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:autodesk:alias_wavefront_maya:7.0:*:*:*:*:*:*:*
Autodesk/Autodesk Maya6 versions
cpe:2.3:a:autodesk:autodesk_maya:8.0:2008:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:autodesk:autodesk_maya:8.0:2008:*:*:*:*:*:*
- cpe:2.3:a:autodesk:autodesk_maya:8.0:2009:*:*:*:*:*:*
- cpe:2.3:a:autodesk:autodesk_maya:8.0:2010:*:*:*:*:*:*
- cpe:2.3:a:autodesk:autodesk_maya:8.5:2008:*:*:*:*:*:*
- cpe:2.3:a:autodesk:autodesk_maya:8.5:2009:*:*:*:*:*:*
- cpe:2.3:a:autodesk:autodesk_maya:8.5:2010:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000