Windows Vista Weather Gadget Remote Code Execution Vulnerability

info
discussion
exploit
solution
references

Windows Vista Weather Gadget Remote Code Execution Vulnerability

Windows Vista is prone to a remote code-execution vulnerability because it fails to adequately validate certain HTML attributes.

Attackers can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Successful attacks may facilitate the remote compromise of affected computers.