Vulnerabilities > CVE-2003-0823 - Unspecified vulnerability in Microsoft IE and Internet Explorer
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |
Oval
accepted 2014-02-24T04:03:16.465-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. family windows id oval:org.mitre.oval:def:368 status accepted submitted 2003-12-18T12:00:00.000-04:00 title IE v5.01,SP2 HijackClick Vulnerability version 67 accepted 2014-02-24T04:03:16.571-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. family windows id oval:org.mitre.oval:def:369 status accepted submitted 2003-12-18T12:00:00.000-04:00 title IE v5.01,SP3 HijackClick Vulnerability version 67 accepted 2014-02-24T04:03:16.646-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. family windows id oval:org.mitre.oval:def:370 status accepted submitted 2003-12-18T12:00:00.000-04:00 title IE v5.01,SP4 HijackClick Vulnerability version 67 accepted 2014-02-24T04:03:16.716-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. family windows id oval:org.mitre.oval:def:371 status accepted submitted 2003-12-18T12:00:00.000-04:00 title IE v5.5,SP2 HijackClick Vulnerability version 66 accepted 2014-02-24T04:03:16.778-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. family windows id oval:org.mitre.oval:def:372 status accepted submitted 2003-12-18T12:00:00.000-04:00 title IE v6.0,SP1 HijackClick Vulnerability version 67 accepted 2014-02-24T04:03:24.051-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Harvey Rubinovitz organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. family windows id oval:org.mitre.oval:def:588 status accepted submitted 2003-12-18T12:00:00.000-04:00 title IE v6.0,SP1 (Server 2003) HijackClick Vulnerability version 68 accepted 2014-02-24T04:03:26.241-05:00 class vulnerability contributors name Tiffany Bergeron organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. family windows id oval:org.mitre.oval:def:733 status accepted submitted 2003-12-18T05:00:00.000-04:00 title IE v6.0 (XP) HijackClick Vulnerability version 67
References
- http://www.securityfocus.com/archive/1/337086
- http://www.kb.cert.org/vuls/id/413886
- http://secunia.com/advisories/10192
- http://www.securitytracker.com/id?1006036
- http://marc.info/?l=bugtraq&m=106322197932006&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A733
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A588
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A372
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A371
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A370
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A369
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A368
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-048