Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for sldimdownload_activex_control by solidworks

    CVE-2007-1684 (GCVE-0-2007-1684)

    Vulnerability from nvd – Published: 2007-04-06 01:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/34320 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securitytracker.com/id?1017855 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/1216 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/24762 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/556801 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/23290 vdb-entryx_refsource_BID
    Date Public
    2007-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:25.812Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "34320",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/34320"
              },
              {
                "name": "solidworks-activex-command-execution(33428)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33428"
              },
              {
                "name": "1017855",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017855"
              },
              {
                "name": "ADV-2007-1216",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1216"
              },
              {
                "name": "24762",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24762"
              },
              {
                "name": "VU#556801",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/556801"
              },
              {
                "name": "23290",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23290"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "34320",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/34320"
            },
            {
              "name": "solidworks-activex-command-execution(33428)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33428"
            },
            {
              "name": "1017855",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017855"
            },
            {
              "name": "ADV-2007-1216",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1216"
            },
            {
              "name": "24762",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24762"
            },
            {
              "name": "VU#556801",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/556801"
            },
            {
              "name": "23290",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23290"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2007-1684",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "34320",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/34320"
                },
                {
                  "name": "solidworks-activex-command-execution(33428)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33428"
                },
                {
                  "name": "1017855",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017855"
                },
                {
                  "name": "ADV-2007-1216",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1216"
                },
                {
                  "name": "24762",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24762"
                },
                {
                  "name": "VU#556801",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/556801"
                },
                {
                  "name": "23290",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23290"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2007-1684",
        "datePublished": "2007-04-06T01:00:00.000Z",
        "dateReserved": "2007-03-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:25.812Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1684 (GCVE-0-2007-1684)

    Vulnerability from cvelistv5 – Published: 2007-04-06 01:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/34320 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securitytracker.com/id?1017855 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/1216 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/24762 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/556801 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/23290 vdb-entryx_refsource_BID
    Date Public
    2007-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:25.812Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "34320",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/34320"
              },
              {
                "name": "solidworks-activex-command-execution(33428)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33428"
              },
              {
                "name": "1017855",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017855"
              },
              {
                "name": "ADV-2007-1216",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1216"
              },
              {
                "name": "24762",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24762"
              },
              {
                "name": "VU#556801",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/556801"
              },
              {
                "name": "23290",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23290"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "34320",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/34320"
            },
            {
              "name": "solidworks-activex-command-execution(33428)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33428"
            },
            {
              "name": "1017855",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017855"
            },
            {
              "name": "ADV-2007-1216",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1216"
            },
            {
              "name": "24762",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24762"
            },
            {
              "name": "VU#556801",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/556801"
            },
            {
              "name": "23290",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23290"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2007-1684",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "34320",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/34320"
                },
                {
                  "name": "solidworks-activex-command-execution(33428)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33428"
                },
                {
                  "name": "1017855",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017855"
                },
                {
                  "name": "ADV-2007-1216",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1216"
                },
                {
                  "name": "24762",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24762"
                },
                {
                  "name": "VU#556801",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/556801"
                },
                {
                  "name": "23290",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23290"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2007-1684",
        "datePublished": "2007-04-06T01:00:00.000Z",
        "dateReserved": "2007-03-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:25.812Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }