ITN News Sidebar Gadget

Type

ITN News Gadget - Script Injection Vulnerability

Severity

High

Affected products

ITN News Windows® Vista™ Gadget

Date

2008-02-07

CVE Reference

An advisory has been released today by MWR InfoSecurity relating to the ITN News Windows Vista sidebar gadget which is vulnerable to a script injection attack that could allow remote attackers to execute commands on the target system. The vendor has addressed this vulnerability and implemented a fix in version 1.23. The full advisory, including a link to the upgrade can be viewed from the download link above.