Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-0236

4 documents4 sources
Severity
5.8MEDIUM
EPSS
34.6%
top 2.99%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Visual Foxpro
Timeline
PublishedJan 11
Latest updateMay 1

Description

An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) allows remote attackers to execute arbitrary commands by invoking the DoCmd method.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-55mr-mr5g-mp5p: An ActiveX control for Microsoft Visual FoxPro (vfp6r2022-05-01
CVEList
CVE-2008-0236: An ActiveX control for Microsoft Visual FoxPro (vfp6r2008-01-11

💥Exploits & PoCs

1
Exploit-DB
Microsoft FoxServer - 'vfp6r.dll 6.0.8862.0' ActiveX Command Execution2008-01-09
CVE-2008-0236 (MEDIUM CVSS 5.8) | An ActiveX control for Microsoft Vi | cvebase.io