CVE-2009-0369

Microsoft Internet Explorer 7 - CSRF

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0369. PoCs published by UzmiX.

AI-analyzed exploit summary This exploit demonstrates a Clickjacking vulnerability in Internet Explorer 7 by overlaying an invisible div on a legitimate link, tricking users into clicking a malicious link instead. The PoC uses JavaScript to dynamically position the invisible div over the user's cursor.

Description

Microsoft Internet Explorer 7 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability.

Exploits (1)

exploitdb WORKING POC VERIFIED
by UzmiX · textremotewindows
https://www.exploit-db.com/exploits/7912

This exploit demonstrates a Clickjacking vulnerability in Internet Explorer 7 by overlaying an invisible div on a legitimate link, tricking users into clicking a malicious link instead. The PoC uses JavaScript to dynamically position the invisible div over the user's cursor.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Internet Explorer 7
No auth needed
Prerequisites: User interaction (clicking a link)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7912
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48542

Scores

EPSS 0.2071
EPSS Percentile 95.7%

Details

Status published
Products (1)
microsoft/internet_explorer 7
Published Jan 30, 2009
Tracked Since Feb 18, 2026