CVE-2007-1684

Name of the Vulnerable Software and Affected Versions: SolidWorks sldimdownload ActiveX control versions prior to 16.0.0.6

Description: The issue allows remote attackers to execute arbitrary commands. This is achieved via the installerpath and applicationarguments arguments in the Run function of the sldimdownload.dll.

Recommendations: For versions prior to 16.0.0.6, update to version 16.0.0.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the Run function in the sldimdownload ActiveX control to minimize the risk of exploitation. Avoid using the installerpath and applicationarguments arguments in the affected ActiveX control until the issue is resolved.