New Search

Vulnerability in Feed Headline Gadget.

oval:org.mitre.oval:def:2152

Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Feeds Gadget) in Windows Vista allows user-assisted remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes which are not properly removed and are rendered in the local zone.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Vista
Class:
vulnerability
Reference(s):
  • CVE-2007-3033
Product(s):