CVE-2007-1684 : The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dl

The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments.

Published 2007-04-06 01:19:00

Updated 2025-04-09 00:30:58

Source CERT/CC

View at NVD, CVE.org

Products affected by CVE-2007-1684

Solidworks » Sldimdownload Activex Control » Version: 16.0.0.5
cpe:2.3:a:solidworks:sldimdownload_activex_control:16.0.0.5:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2007-1684

EPSS FAQ

2.18%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 83 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-1684

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2007-1684

http://osvdb.org/34320
https://exchange.xforce.ibmcloud.com/vulnerabilities/33428
http://secunia.com/advisories/24762

Patch;Vendor Advisory
http://www.vupen.com/english/advisories/2007/1216
http://www.securitytracker.com/id?1017855

Vendor Advisory
http://www.kb.cert.org/vuls/id/556801

Patch;Third Party Advisory;US Government Resource
http://www.securityfocus.com/bid/23290

Patch;Vendor Advisory

Jump to

Vulnerability Details : CVE-2007-1684

Products affected by CVE-2007-1684

Exploit prediction scoring system (EPSS) score for CVE-2007-1684

CVSS scores for CVE-2007-1684

References for CVE-2007-1684