Remote Command Execution Vulnerability in Microsoft Visual FoxPro ActiveX Control
CVE-2008-0236

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visual Foxpro
Vendor: CVE Published:; 11 January 2008

Summary

A vulnerability exists in the ActiveX control for Microsoft Visual FoxPro (vfp6r.dll version 6.0.8862.0) that allows remote attackers to execute arbitrary commands by invoking the vulnerable DoCmd method. This flaw can be exploited by attackers to execute untrusted commands on the affected system, potentially leading to data compromise and unauthorized access. Users and administrators are advised to take appropriate precautions and apply necessary security updates to mitigate these risks.

References

http://secunia.com/advisories/28417

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/27205

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/39558

vdb-entryx_refsource_XF

EPSS Score

34% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 11, 2008
Vulnerability Reserved
Jan 10, 2008