CVE-2008-3837

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a...

CVE-2003-0823

Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027...

CVE-2003-0823

CVE-2003-0823 describes a drag-and-drop hijack in Internet Explorer 6 SP1 and earlier, where invoking window.moveBy could direct drag-and-drop actions to other windows, enabling remote control of user actions. The vulnerability is cited as a variant exploited by other browsers as well (e.g., CVE-...

CVE-2003-1027

CVE-2003-1027 is a remote-code-execution vulnerability related to Internet Explorer’s handling of drag-and-drop. The Drag-and-Drop Vulnerability (CAN-2005-0053) updates address this and is explicitly stated as a variation of CVE-2003-1027. Affected software includes IE 5.01 through 6 SP1 (and rel...