SolidWorks Sldimdownload ActiveX Control Arbitrary Code Execution

This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an ActiveX control that allows execution
of arbitrary code.

Description :

The remote host contains a version of the 'sldimdownload' ActiveX
control included with SolidWorks' 3D CAD software.

The version of this ActiveX control on the remote host fails to
sanitize input to the 'installerpath' and 'applicationarguments'
parameters of its 'Run' method. If an attacker can trick a user on the
affected host into visiting a specially crafted web page, the attacker
can leverage this issue to execute arbitrary code on the host with
the privileges of that user.

Solution :

Update to version 16.0.0.6 or later of the control.
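The following PowerShell script is an added example for verifying the remediation above on a single host; it is not part of the Nessus plugin or of SolidWorks. It enumerates registered in-process COM servers, selects those whose DLL path contains "sldimdownload" (an assumption, since the page gives neither the control's CLSID nor its file name), compares the DLL's file version against the fixed version 16.0.0.6 named in the advisory, and reports whether the Internet Explorer kill bit (Compatibility Flags 0x400) is set for the CLSID.

```powershell
# Added example, not code from the Nessus plugin or from SolidWorks.
# Assumption: the control's InprocServer32 path contains "sldimdownload".

$FixedVersion = [version]'16.0.0.6'   # fixed version named in the advisory
$NamePattern  = 'sldimdownload'       # assumed substring of the server DLL path
$KillBitKey   = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'
$KillBitFlag  = 0x400                 # Compatibility Flags bit that blocks the control in IE

function Get-SldimdownloadControlStatus {
    $results = @()
    $clsidKeys = Get-ChildItem 'Registry::HKEY_CLASSES_ROOT\CLSID' -ErrorAction SilentlyContinue
    foreach ($clsidKey in $clsidKeys) {
        $serverKey = Join-Path $clsidKey.PSPath 'InprocServer32'
        if (-not (Test-Path $serverKey)) { continue }

        # The (default) value of InprocServer32 is the path of the COM server DLL.
        $dllPath = (Get-ItemProperty -Path $serverKey -ErrorAction SilentlyContinue).'(default)'
        if (-not $dllPath -or $dllPath -notmatch $NamePattern) { continue }
        $dllPath = [Environment]::ExpandEnvironmentVariables($dllPath.Trim('"'))

        # Build a System.Version from the numeric parts so the comparison is numeric, not lexical.
        $fileVersion = $null
        if (Test-Path $dllPath) {
            $vi = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($dllPath)
            $fileVersion = New-Object -TypeName System.Version -ArgumentList `
                $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart
        }

        # Kill bit: Compatibility Flags DWORD under the CLSID with bit 0x400 set.
        $clsid = $clsidKey.PSChildName
        $flags = (Get-ItemProperty -Path (Join-Path $KillBitKey $clsid) `
                  -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        $killBitSet = (($flags -band $KillBitFlag) -eq $KillBitFlag)

        $results += [pscustomobject]@{
            CLSID             = $clsid
            Path              = $dllPath
            FileVersion       = $fileVersion
            BelowFixedVersion = ($null -ne $fileVersion) -and ($fileVersion -lt $FixedVersion)
            KillBitSet        = $killBitSet
        }
    }
    return $results
}

Get-SldimdownloadControlStatus | Format-Table -AutoSize
```

A control reported with BelowFixedVersion set to True and KillBitSet set to False is the condition this plugin flags; either updating the control to 16.0.0.6 or later or setting the kill bit for its CLSID clears the finding. Run the script in an elevated session on 64-bit hosts so that both the native and WOW6432Node CLSID registrations are visible.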

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 24912

Bugtraq ID: 23290

CVE ID: CVE-2007-1684
