CVE-2007-4790

Internet Explorer - Stack-Based Buffer Overflow via FoxDoCmd Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4790. PoCs published by shinnai.

AI-analyzed exploit summary This exploit demonstrates a remote stack overflow in Microsoft Visual FoxPro 6.0's FPOLE.OCX control via a crafted buffer passed to the FoxDoCmd method. The PoC triggers a crash with a large string of 'b' characters, indicating potential for arbitrary code execution.

Description

Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmldoswindows

https://www.exploit-db.com/exploits/4369

View Code ZIP pw:eip

This exploit demonstrates a remote stack overflow in Microsoft Visual FoxPro 6.0's FPOLE.OCX control via a crafted buffer passed to the FoxDoCmd method. The PoC triggers a crash with a large string of 'b' characters, indicating potential for arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Microsoft Visual FoxPro 6.0 (FPOLE.OCX v. 6.0.8450.0)

No auth needed

Prerequisites: Victim must visit a malicious webpage hosting the exploit · FPOLE.OCX must be registered and accessible

MITRE ATT&CK