Intrusion Prevention

Autodesk.3DStudio.Max.Embedded.Maxscript.Memory.Corruption

Description

This indicates an attack attempt to exploit a Double Free vulnerability in Autodesk 3DSMax.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious "MAX" file. A remote attacker may exploit this to execute arbitrary code via a crafted "MAX" file.

Affected Products

Autodesk 3DSMax 6
Autodesk 3DSMax 7
Autodesk 3DSMax 8
Autodesk 3DSMax 9

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2009-3577