Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SolidWorks SLDimdownload ActiveX控件任意程序执行漏洞
Vulnerability Description
SolidWorks是一家著名的3D CAD工具厂商,提供各种3D CAD软件。 SolidWorks SLDimdownload ActiveX控件实现上存在访问验证漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意程序。 SolidWorks产品的sldimdownload.dll文件中提供一个sldimdownload ActiveX控件。该控件的Run()方式在获取installerpath和applicationarguments参数时没有限制访问,允许执行用户系统上的任意程序。
CVSS Information
N/A
Vulnerability Type
N/A