This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempt to exploit a remote command execution vulnerability by passing special arguments into a method of Microsoft Visual FoxPro ActiveX control.
Microsoft Visual FoxPro provides tools to create and manage 32-bit database applications and components.
Microsoft Visual FoxPro ActiveX control is prone to a vulnerability that lets attackers execute arbitrary commands.
This issue affects the 'FoxDoCmd()' method of the 'FPOLE.OCX' ActiveX control. This control is identified by CLSID: EF28418F-FFB2-11D0-861A-00A0C903A97F.
Successfully exploiting this issue allows remote attackers to execute arbitrary commands in the context of the application using the ActiveX control (typically Internet Explorer).
Microsoft Visual FoxPro 6.0 is vulnerable to this issue; other versions may also be affected.
- Microsoft Visual FoxPro 6.0