Back to search
CVE-2003-1027
Published: Jan 8, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oval:org.mitre.oval:def:527
vdb-entry
signature
x_refsource_OVAL
VU#413886
third-party-advisory
x_refsource_CERT-VN
oval:org.mitre.oval:def:629
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:531
vdb-entry
signature
x_refsource_OVAL
http://www.safecenter.net/UMBRELLAWEBV4/HijackClickV2
x_refsource_MISC
oval:org.mitre.oval:def:530
vdb-entry
signature
x_refsource_OVAL
20031201 Comments on 5 IE vulnerabilities
mailing-list
x_refsource_BUGTRAQ
TA04-033A
third-party-advisory
x_refsource_CERT
MS04-004
vendor-advisory
x_refsource_MS
oval:org.mitre.oval:def:532
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:534
vdb-entry
signature
x_refsource_OVAL
20031125 HijackClickV2 - a successor of HijackClick attack
mailing-list
x_refsource_BUGTRAQ
ie-method-perform-actions(13844)
vdb-entry
x_refsource_XF
oval:org.mitre.oval:def:529
vdb-entry
signature
x_refsource_OVAL
1006036
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now