CVE-2014-2967

Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server.