The vulnerability could be exploited by creating a web page that references a Visual FoxPro 6.0 application. If Visual FoxPro 6.0 is installed, and the filename of the application was constructed correctly, the application would execute. This would enable the application to not only interrogate databases, but also issue system commands in the user?s security context. Any users of Visual FoxPro 6.0 should download and apply this update.
Download Visual FoxPro 6.0 Application Launch Security Update