CVE-2003-1027 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2003-1027
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2003-1027

Description: Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability."

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/13844 ST 1006036 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:529 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:527 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:530 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:531 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:532 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:534 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:629 MS http://www.microsoft.com/technet/security/bulletin/ms04-004.asp MISC http://www.safecenter.net/UMBRELLAWEBV4/HijackClickV2 CERT-VN 413886 CERT http://www.us-cert.gov/cas/techalerts/TA04-033A.html BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=107038202225587&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=106979479719446&w=2

Return to the previous page.