121 matches found
CVE-2018-1504
IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks...
CVE-2018-1504
IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks...
Design/Logic Flaw
IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks...
Security Bulletin: A Security Vulnerability was fixed in IBM Security Privileged Identity Manager (CVE-2016-0357)
Summary IBM Security Identity Manager Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim Vulnerability Details CVEID: CVE-2016-0357 DESCRIPTION: IBM Security Identity Manager Virtual Appliance could allow a remote attacker to hijack the clicking action of...
Security Bulletin: Multiple vulnerabilities in IBM Financial Transaction Manager for ACH Services, Check Services and Corporate Payment Services
Summary Multiple vulnerabilities in IBM Financial Transaction Manager for ACH Services, Check Services and Corporate Payment Services. Note the description says ACH Services but the vulnerabilities also apply to Check and CPS. Vulnerability Details CVEID: CVE-2016-0253 DESCRIPTION: IBM Financial...
PT-2018-5784 · Ibm · Ibm Doors Web Access
Name of the Vulnerable Software and Affected Versions: IBM Doors Web Access versions 9.5 through 9.6 Description: The issue allows a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this to hijack th...
CVE-2017-1465
IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against t...
CVE-2017-1465
IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against t...
CVE-2017-1554
IBM Infosphere BigInsights 4.2.0 and 4.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks...
CVE-2017-1428
CVE-2017-1428 affects IBM Cognos Analytics 11.0, where a remote attacker could hijack a victim’s click actions by enticing the user to visit a malicious site. Related IBM bulletin confirms fixes in IBM Cognos Analytics 11.0.x series, recommending upgrading to 11.0.7.0. Exploitation details are no...
CVE-2016-9719
IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click...
McAfee Network Data Loss Prevention Clickjacking Vulnerability (CNVD-2017-07549)
McAfee Network Data Loss Prevention is a data leakage protection solution. McAfee Network Data Loss Prevention NDLP suffers from a single-click hijacking vulnerability in the server implementation, which can be exploited by remote attackers to inject arbitrary web script or HTML via the HTTP...
CVE-2016-9010
IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks...
HackerOne: HackerOne Integrations Design Issue
Summary HackerOne Integrations Design Issue Description Include Impact This bug is similar to 170552. The HackerOne Integrations feature is very sensitive and can not be used with just a click, IMHO, or we can say "HackerOne users are a click away from giving to an attacker very sensitive...
IBM Jazz Reporting Service (JRS) Clickjacking Vulnerability
IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a security vulnerability in the Report Builder and Data Collection Component DCC implementations. A remote attacker could exploit this vulnerability to...
Chrome Pop-Up Warns Windows Users of Browser Hijacking
A rising number of online scams involve the modification of browser settings where a hacker spikes a free download or website with malware. The end result is generally a click-fraud scheme of some kind where the new browser settings might include spiked search engine pages or a new home page...
DNS Changer malware mastermind pleaded guilty
Remember the DNS Changer malware that infected at least four million computers in more than 100 countries, including 500,000 in the United States, with malicious software or malware ? Valeri Aleksejev, 32 years old from Estonia, is the first of the seven individuals to enter a plea, admitting his...
DNS Changer malware mastermind pleaded guilty
Remember the DNS Changer malware that infected at least four million computers in more than 100 countries, including 500,000 in the United States, with malicious software or malware ? Valeri Aleksejev, 32 years old from Estonia, is the first of the seven individuals to enter a plea, admitting his...
Mozilla Foundation Security Advisory 2008-40
Mozilla Foundation Security Advisory 2008-40 Title: Forced mouse drag Impact: Low Announced: September 23, 2008 Reporter: Paul Nickerson, Liu Die Yu Products: Firefox, SeaMonkey Fixed in: Firefox 3.0.2 Firefox 2.0.0.17 SeaMonkey 1.1.12 Description Mozilla developer Paul Nickerson reported a varia...
Forced mouse drag — Mozilla
Mozilla developer Paul Nickerson reported a variant of a click-hijacking vulnerability discovered in Internet Explorer by Liu Die Yu. The vulnerability allowed an attacker to move the content window while the mouse was being clicked, causing an item to be dragged rather than clicked-on. This issu...