Lucene search

MitreCVE-2008-0236

HistoryJan 11, 2008 - 2:46 a.m.

CVE-2008-0236

2008-01-1102:46:00

mitre

web.nvd.nist.gov

cve-2008-0236

nvd

activex

microsoft

visual foxpro

remote code execution

docmd method

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

7.4

Confidence

Low

EPSS

0.947

Percentile

99.3%

JSON

An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) allows remote attackers to execute arbitrary commands by invoking the DoCmd method.

Affected configurations

Nvd

Node

microsoftvisual_foxproMatch6.0

VendorProductVersionCPE
microsoftvisual_foxpro6.0cpe:2.3:a:microsoft:visual_foxpro:6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	visual_foxpro	6.0	cpe:2.3:a:microsoft:visual_foxpro:6.0:::::::*

References

secunia.com/advisories/28417

shinnai.altervista.org/exploits/txt/TXT_DiWu9j82RCq4zpaQAoxn.html

www.securityfocus.com/bid/27205

exchange.xforce.ibmcloud.com/vulnerabilities/39558

www.exploit-db.com/exploits/4873

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

7.4

Confidence

Low

EPSS

0.947

Percentile

99.3%

JSON

Related for CVE-2008-0236