CVE-2003-1027Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
10.0CRITICALNVD
CNA7.5
EPSS
59.9%
top 1.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedJan 20
Latest updateApr 29

Description

Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDmicrosoft/internet_explorer4 versions+3
NVDmicrosoft/ie6.0

🔴Vulnerability Details

2
GHSA
GHSA-j6fj-77f5-j227: Internet Explorer 52022-04-29
CVEList
CVE-2003-1027: Internet Explorer 52004-01-08
CVE-2003-1027 — Microsoft vulnerability | cvebase