CVE-2008-7037

The Sidebar gadget in ITN News Gadget (aka ITN Hub Gadget) 1.06 for Windows Vista, and possibly other versions before 1.23, allows remote web servers or man-in-the-middle attackers to execute arbitrary commands via script in a short_title response.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
VendorProductVersion
itnitn_news_gadget
1.06
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.mwrinfosecurity.com/publications/mwri_itn-news-gadget-advisory_2008-02-04.pdf
http://www.securityfocus.com/bid/27725
https://exchange.xforce.ibmcloud.com/vulnerabilities/43563
http://www.mwrinfosecurity.com/publications/mwri_itn-news-gadget-advisory_2008-02-04.pdf
http://www.securityfocus.com/bid/27725
https://exchange.xforce.ibmcloud.com/vulnerabilities/43563