CVE-2007-4790

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Explorer; Visual Foxpro
Vendor: CVE Published:; 10 September 2007

Summary

Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function.

References

http://www.securitytracker.com/id?1019378

vdb-entryx_refsource_SECTRACK

http://marc.info/?l=bugtraq&m=120361015026386&w=2

vendor-advisoryx_refsource_HP

https://www.exploit-db.com/exploits/4369

exploitx_refsource_EXPLOIT-DB

EPSS Score

95% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 10, 2007
Vulnerability Reserved
Sep 10, 2007

Collectors

NVD DatabaseMitre Database