CVE-2009-0374

Published: Jan 30, 2009Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. NOTE: a third party disputes the relevance of this issue, stating that "every sufficiently featured browser is and likely will remain susceptible to the behavior known as clickjacking," and adding that the exploit code "is not a valid demonstration of the issue.

Affected (1)

Products: Google: Chrome

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Version 1.0.154.43

References (8)

http://www.secniche.org/gcr_clkj/

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/500499/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/500533/100/0/threaded

Source: cve@mitre.org

https://www.exploit-db.com/exploits/7903

Source: cve@mitre.org

http://www.secniche.org/gcr_clkj/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/500499/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/500533/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/7903

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.