CVE-2007-5322

Microsoft Visual Foxpro - OS Command Injection

Title source: rule

Description

Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro 6.0 allows remote attackers to execute arbitrary programs by specifying them as an argument to the FoxDoCmd function.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/4506

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/37035

[Exploit] http://shinnai.altervista.org/exploits/txt/TXT_14md9AHOoCycrnk9l095.html

[Third Party Advisory, VDB Entry] http://osvdb.org/38487

[Exploit] http://www.securityfocus.com/bid/25977

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4506

[Third Party Advisory] http://secunia.com/advisories/27165

Scores

EPSS 0.3454

EPSS Percentile 97.0%

Details

CWE

CWE-78

Status published

Products (1)

microsoft/visual_foxpro 6.0

Published Oct 09, 2007

Tracked Since Feb 18, 2026