MitreCVELIST:CVE-2003-1027CVE-2003-1027
Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the “Function Pointer Drag and Drop Vulnerability.”
References
marc.info/?l=bugtraq&m=106979479719446&w=2
marc.info/?l=bugtraq&m=107038202225587&w=2
www.kb.cert.org/vuls/id/413886
www.safecenter.net/UMBRELLAWEBV4/HijackClickV2
www.securitytracker.com/id?1006036
www.us-cert.gov/cas/techalerts/TA04-033A.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-004
exchange.xforce.ibmcloud.com/vulnerabilities/13844
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A527
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A529
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A530
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A531
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A532
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A534
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A629
Related
