Vulnerability Details CVE-2008-0235
The Microsoft VFP_OLE_Server ActiveX control allows remote attackers to execute arbitrary code by invoking the foxcommand method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.452
EPSS Ranking 97.5%
CVSS Severity
CVSS v2 Score 10.0
References
- http://packetstormsecurity.org/0801-exploits/msvfpole-exec.txt
- http://secunia.com/advisories/28417
- http://shinnai.altervista.org/exploits/txt/TXT_rNowA1916DKFNUF48NyS.html
- http://www.securityfocus.com/bid/27199
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39559
- https://www.exploit-db.com/exploits/4875
- http://packetstormsecurity.org/0801-exploits/msvfpole-exec.txt
- http://secunia.com/advisories/28417
- http://shinnai.altervista.org/exploits/txt/TXT_rNowA1916DKFNUF48NyS.html
- http://www.securityfocus.com/bid/27199
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39559
- https://www.exploit-db.com/exploits/4875
Products affected by CVE-2008-0235
-
cpe:2.3:a:microsoft:vfp_ole_server_activex_control:*