[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-4790

Date: (C)2007-09-10   (M)2017-10-04
 
CVSS Score: 7.5Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function.

Reference:
SECTRACK-1019378
BID-25571
EXPLOIT-DB-4369
ADV-2008-0512
HPSBST02314
MS08-010
SSRT080016
TA08-043C
foxpro-fpole-activex-bo(36496)

CPE    4
cpe:/a:microsoft:visual_foxpro:6.0
cpe:/a:microsoft:internet_explorer:6:sp1
cpe:/a:microsoft:ie:5.01
cpe:/a:microsoft:ie:7
...
CWE    1
CWE-119
OVAL    2
oval:org.mitre.oval:def:5481
oval:org.secpod.oval:def:2628

© 2013 SecPod Technologies