The SolidWorks sldimdownload ActiveX control contains methods that can allow a remote, unauthenticated attacker to run arbitrary code on a vulnerable system.
SolidWorks provides 3D CAD software solutions. The SolidWorks sldimdownload ActiveX control is provided by the file sldimdownload.dll. It contains a method called Run(), which takes installerpath and applicationarguments parameters. This method can be used to execute arbitrary applications that may reside on remote servers.
By convincing a victim to view an HTML document (web page, HTML email, or email attachment), an attacker could run arbitrary code with the privileges of the user running IE.
Install an update
This issue has been addressed in the sldimdownload ActiveX control version 16,0,0,1. This version restricts the web domains that can use the control. To update, close all Internet Explorer windows, open %windir%\downloaded program files, right-click on sldimdownloadiface and select Update. Please see the SolidWorks technical document for more information.
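The following PowerShell check is an added example, not part of the CERT note or of SolidWorks' documentation; it assumes the control's DLL is installed under %windir%\Downloaded Program Files as the note describes, and treats the 16,0,0,1 build the note names as the first fixed version.

```powershell
# Added example (not from the CERT note): report whether an installed
# sldimdownload ActiveX control predates the fixed build 16,0,0,1.
# Assumption: the DLL is registered under %windir%\Downloaded Program Files.
function Test-SldimdownloadVersion {
    $fixed = [version]'16.0.0.1'   # version named in the note, in dotted form
    $dpf   = Join-Path $env:windir 'Downloaded Program Files'

    $dlls = Get-ChildItem -Path $dpf -Filter 'sldimdownload.dll' -Recurse `
                -ErrorAction SilentlyContinue
    if (-not $dlls) {
        Write-Output "sldimdownload.dll not found under $dpf - control not installed here."
        return
    }

    foreach ($dll in $dlls) {
        $vi = $dll.VersionInfo
        # FileVersionRaw is a parsed System.Version (PowerShell 4+); fall back to
        # parsing the string form, which Windows often renders with commas.
        if ($vi.FileVersionRaw) {
            $ver = $vi.FileVersionRaw
        } else {
            $ver = [version](($vi.FileVersion -replace ',', '.') -replace '\s.*$', '')
        }

        if ($ver -lt $fixed) {
            Write-Output "VULNERABLE: $($dll.FullName) is $ver (older than $fixed); update the control."
        } else {
            Write-Output "OK: $($dll.FullName) is $ver (not older than $fixed)."
        }
    }
}

Test-SldimdownloadVersion
```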
This vulnerability was reported by Will Dormann of CERT/CC.
This document was written by Will Dormann.
Date First Published: 2007-04-03
Date Last Updated: 2007-04-10 20:50 UTC