Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations | |||
---|---|---|---|
Name | CVE-2007-5322 | First vendor Publication | 2007-10-09 |
Vendor | Cve | Last vendor Modification | 2017-09-29 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro 6.0 allows remote attackers to execute arbitrary programs by specifying them as an argument to the FoxDoCmd function. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5322 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
38487 | Microsoft Visual FoxPro ActiveX (FPOLE.OCX) FoxDoCmd Function Arbitrary Comma... |
Snort® IPS/IDS
Date | Description |
---|---|
2016-03-14 | Microsoft Visual FoxPro ActiveX clsid access RuleID : 36792 - Revision : 2 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual FoxPro foxtlib ActiveX clsid unicode access RuleID : 13452 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Windows Visual FoxPro foxtlib ActiveX clsid access RuleID : 13451 - Revision : 10 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual FoxPro ActiveX function call unicode access RuleID : 12420 - Revision : 7 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual FoxPro ActiveX function call access RuleID : 12419 - Revision : 11 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual FoxPro ActiveX clsid unicode access RuleID : 12418 - Revision : 7 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual FoxPro ActiveX clsid access RuleID : 12417 - Revision : 15 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-02-12 | Name : Arbitrary code can be executed on the remote host through the web client. File : smb_nt_ms08-010.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:06:30 |
|
2021-04-22 01:07:02 |
|
2020-05-23 00:20:34 |
|
2017-09-29 09:23:14 |
|
2017-07-29 12:02:35 |
|
2016-06-28 16:58:45 |
|
2016-04-26 16:41:03 |
|
2014-02-17 10:42:01 |
|
2014-01-19 21:24:30 |
|
2013-05-11 10:38:36 |
|