BID:25306

Windows Vista Weather Gadget Remote Code Execution Vulnerability

Info

Windows Vista Weather Gadget Remote Code Execution Vulnerability

Bugtraq ID:	25306
Class:	Input Validation Error
CVE:	CVE-2007-3891
Remote:	Yes
Local:	No
Published:	Aug 14 2007 12:00AM
Updated:	Aug 28 2007 06:42PM
Credit:	The vendor disclosed this issue.
Vulnerable:	Microsoft Windows Vista x64 Edition 0 Microsoft Windows Vista Ultimate Microsoft Windows Vista Home Premium Microsoft Windows Vista Home Basic Microsoft Windows Vista Enterprise Microsoft Windows Vista Business Avaya CIE 1.0.2

Not Vulnerable:

Discussion

Windows Vista Weather Gadget Remote Code Execution Vulnerability

Windows Vista is prone to a remote code-execution vulnerability because it fails to adequately validate certain HTML attributes.

Attackers can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Successful attacks may facilitate the remote compromise of affected computers.

Exploit / POC

Windows Vista Weather Gadget Remote Code Execution Vulnerability

Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Solution / Fix

Windows Vista Weather Gadget Remote Code Execution Vulnerability

Solution:
Microsoft released security advisory MS07-048 and updates to address this issue. Please see the references for more information.

Microsoft Windows Vista Ultimate

Microsoft Security Update for Windows Vista (KB938123)
http://www.microsoft.com/downloads/details.aspx?FamilyId=49a5bd84-da71 -4529-b4d3-ac57dab59e01

Microsoft Windows Vista Home Basic

Microsoft Security Update for Windows Vista (KB938123)
http://www.microsoft.com/downloads/details.aspx?FamilyId=49a5bd84-da71 -4529-b4d3-ac57dab59e01

Microsoft Windows Vista x64 Edition 0

Microsoft Security Update for Windows Vista for x64-based Systems (KB938123
http://www.microsoft.com/downloads/details.aspx?FamilyId=24443f59-b908 -480b-9b72-7094d4b5e128

Microsoft Windows Vista Business

Microsoft Security Update for Windows Vista (KB938123)
http://www.microsoft.com/downloads/details.aspx?FamilyId=49a5bd84-da71 -4529-b4d3-ac57dab59e01

Microsoft Windows Vista Home Premium

Microsoft Security Update for Windows Vista (KB938123)
http://www.microsoft.com/downloads/details.aspx?FamilyId=49a5bd84-da71 -4529-b4d3-ac57dab59e01

Microsoft Windows Vista Enterprise

Microsoft Security Update for Windows Vista (KB938123)
http://www.microsoft.com/downloads/details.aspx?FamilyId=49a5bd84-da71 -4529-b4d3-ac57dab59e01

References

Windows Vista Weather Gadget Remote Code Execution Vulnerability

References:

Windows Vista Homepage (Microsoft)
Microsoft Security Bulletin MS07-048 (Microsoft)