You might want to do some reading on how a firewall as well as various types of exploits work.
A firewall filters traffic based on a set of rules. Traffic that meets one set of rules is allowed, and traffic that meets another set of rules is not allowed.
Remote exploits (exploits that are launched from one attacking system against one or more victim systems over a network) use network traffic to exploit a system.
If you want to know whether a particular remote exploit will work against a firewalled system, you need to know what traffic the firewall allows and what traffic the remote exploit uses to attack the system. Based on that advice Im sure you can do the research to determine which traffic must be allowed through the firewall for a particular exploit to work. (Hint: do a packet capture of the exploit if you dont already know what service/port it contacts).
This is a Metasploit exploit that allows remote code execution vulnerability on Vista Sp1 and Sp2.