Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 14/08/2007 Updated: 12/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Feeds Gadget) in Windows Vista allows user-assisted remote malicious users to execute arbitrary code via an RSS feed with crafted HTML attributes, which are not properly removed and are rendered in the local zone.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows vista

CWE-79 http://www.securityfocus.com/bid/25287 http://www.securitytracker.com/id?1018566 http://secunia.com/advisories/26439 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=575 http://www.us-cert.gov/cas/techalerts/TA07-226A.html http://www.kb.cert.org/vuls/id/558648 http://www.vupen.com/english/advisories/2007/2872 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2152 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-048 https://nvd.nist.gov https://www.kb.cert.org/vuls/id/558648

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3033

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect