CVE-2007-3033 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-3033
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-3033

Description: Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Feeds Gadget) in Windows Vista allows user-assisted remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes, which are not properly removed and are rendered in the local zone.

CVE Status: Candidate

References: ST 1018566 SAID Secunia Advisory: SA26439 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2152 MS http://www.microsoft.com/technet/security/bulletin/ms07-048.mspx IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=575 CERT-VN 558648 CERT http://www.us-cert.gov/cas/techalerts/TA07-226A.html BID 25287

Return to the previous page.