Visual FoxPro is a tool for developing database applications.
**vfp6r.dll** ActiveX control allows command execution when a user opens a web page which uses the
Set the kill bit for class ID 008B6010-1F3D-11D1-B0C8-00A0C9055D74 as described in Microsoft Knowledge Base Article 240797.
Exploit works on Visual FoxPro 6.0 and requires a user to load the exploit page in Internet Explorer.
In order for this exploit to succeed, first download the exploit.exe file from the exploit server and place it on the specified SMB share, which must be accessible by the target.
In order for the exploit to succeed, the exploit server must be in the Local intranet zone or in the Trusted sites zone on the target, and the option "Initialize and script ActiveX controls not marked as safe" must be set to "Enable", because the affected ActiveX control is marked not safe.