Home > Vulnerability Database > CVE-2009-0374

Mend.io Vulnerability Database

CVE-2009-0374

Date: January 30, 2009

Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. NOTE: a third party disputes the relevance of this issue, stating that "every sufficiently featured browser is and likely will remain susceptible to the behavior known as clickjacking," and adding that the exploit code "is not a valid demonstration of the issue.

Severity Score

3.7

Related Resources (6)

Url: http://www.securityfocus.com/archive/1/500499/100/0/threaded

Url: http://www.securityfocus.com/archive/1/500533/100/0/threaded

Url: http://www.secniche.org/gcr_clkj/

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-0374

Url: https://www.exploit-db.com/exploits/7903

Url: https://www.mend.io/vulnerability-database/CVE-2009-0374

Severity Score

3.7

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-0374

Date: January 30, 2009

Severity Score

Related Resources (6)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?