Vulnerability in Microsoft Visual FoxPro 6.0 Allows Remote Code Execution
CVE-2002-0696

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visual Foxpro
Vendor: CVE Published:; 4 October 2002

What is CVE-2002-0696?

Microsoft Visual FoxPro 6.0 has a vulnerability that fails to register its associated files with Internet Explorer. This flaw enables remote attackers to execute Visual FoxPro applications without any warning through HTML files that reference specially crafted filenames. The lack of proper validation in the browser's handling of these filenames can be exploited, leading to a risk of unauthorized execution of potentially malicious code.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.ciac.org/ciac/bulletins/m-120.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

http://www.iss.net/security_center/static/10035.php

vdb-entryx_refsource_XF

EPSS Score

18% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Jul 12, 2002