{"api_version":"1","generated_at":"2026-04-23T17:14:51+00:00","cve":"CVE-2007-5322","urls":{"html":"https://cve.report/CVE-2007-5322","api":"https://cve.report/api/cve/CVE-2007-5322.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-5322","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-5322"},"summary":{"title":"CVE-2007-5322","description":"Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro 6.0 allows remote attackers to execute arbitrary programs by specifying them as an argument to the FoxDoCmd function.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-10-09 22:17:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-78","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://shinnai.altervista.org/exploits/txt/TXT_14md9AHOoCycrnk9l095.html","name":"http://shinnai.altervista.org/exploits/txt/TXT_14md9AHOoCycrnk9l095.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"],"title":"shinnai.altervista.org","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"https://www.exploit-db.com/exploits/4506","name":"https://www.exploit-db.com/exploits/4506","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Microsoft Visual FoxPro 6.0 FPOLE.OCX Arbitrary Command Execution","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/38487","name":"http://osvdb.org/38487","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37035","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37035","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27165","name":"http://secunia.com/advisories/27165","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Microsoft Visual FoxPro FPOLE.OCX Insecure Method Command Execution - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/25977","name":"http://www.securityfocus.com/bid/25977","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"],"title":"Microsoft Visual FoxPro FPOLE.OCX ActiveX Control Arbitrary Command Execution Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-5322","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5322","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"5322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"visual_foxpro","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T15:24:42.492Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"foxpro-fpole-command-execution(37035)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37035"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://shinnai.altervista.org/exploits/txt/TXT_14md9AHOoCycrnk9l095.html"},{"name":"4506","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"https://www.exploit-db.com/exploits/4506"},{"name":"38487","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/38487"},{"name":"27165","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27165"},{"name":"25977","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/25977"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-10-09T00:00:00.000Z","descriptions":[{"lang":"en","value":"Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro 6.0 allows remote attackers to execute arbitrary programs by specifying them as an argument to the FoxDoCmd function."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-09-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"foxpro-fpole-command-execution(37035)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37035"},{"tags":["x_refsource_MISC"],"url":"http://shinnai.altervista.org/exploits/txt/TXT_14md9AHOoCycrnk9l095.html"},{"name":"4506","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"https://www.exploit-db.com/exploits/4506"},{"name":"38487","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/38487"},{"name":"27165","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27165"},{"name":"25977","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/25977"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-5322","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro 6.0 allows remote attackers to execute arbitrary programs by specifying them as an argument to the FoxDoCmd function."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"foxpro-fpole-command-execution(37035)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37035"},{"name":"http://shinnai.altervista.org/exploits/txt/TXT_14md9AHOoCycrnk9l095.html","refsource":"MISC","url":"http://shinnai.altervista.org/exploits/txt/TXT_14md9AHOoCycrnk9l095.html"},{"name":"4506","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/4506"},{"name":"38487","refsource":"OSVDB","url":"http://osvdb.org/38487"},{"name":"27165","refsource":"SECUNIA","url":"http://secunia.com/advisories/27165"},{"name":"25977","refsource":"BID","url":"http://www.securityfocus.com/bid/25977"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-5322","datePublished":"2007-10-09T22:00:00.000Z","dateReserved":"2007-10-09T00:00:00.000Z","dateUpdated":"2024-08-07T15:24:42.492Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-10-09 22:17:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-78","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_foxpro:6.0:*:*:*:*:*:*:*","matchCriteriaId":"8936D267-41DF-4310-A990-5883787728E3"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"5322","Ordinal":"1","Title":"CVE-2007-5322","CVE":"CVE-2007-5322","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"5322","Ordinal":"1","NoteData":"Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro 6.0 allows remote attackers to execute arbitrary programs by specifying them as an argument to the FoxDoCmd function.","Type":"Description","Title":"CVE-2007-5322"},{"CveYear":"2007","CveId":"5322","Ordinal":"2","NoteData":"2007-10-09","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"5322","Ordinal":"3","NoteData":"2017-09-28","Type":"Other","Title":"Modified"}]}}}