CVE-2007-1684

Sažetak

The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments.

Reference

http://osvdb.org/34320
http://secunia.com/advisories/24762
http://www.kb.cert.org/vuls/id/556801
http://www.securityfocus.com/bid/23290
http://www.securitytracker.com/id?1017855
http://www.vupen.com/english/advisories/2007/1216
https://exchange.xforce.ibmcloud.com/vulnerabilities/33428

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-07-2017 - 01:30

Objavljeno

06-04-2007 - 01:19