CVE-2009-0374

Google Chrome 1.0.154.43 - Clickjacking via Crafted Element Positioning

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0374. PoCs published by x0x.

AI-analyzed exploit summary This exploit demonstrates a clickjacking vulnerability in Google Chrome by overlaying an invisible div on a legitimate link, tricking users into clicking a malicious URL. The PoC uses CSS and JavaScript to track mouse movements and redirect users.

Description

Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. NOTE: a third party disputes the relevance of this issue, stating that "every sufficiently featured browser is and likely will remain susceptible to the behavior known as clickjacking," and adding that the exploit code "is not a valid demonstration of the issue.

Exploits (1)

exploitdb WORKING POC VERIFIED
by x0x · htmlremotewindows
https://www.exploit-db.com/exploits/7903

This exploit demonstrates a clickjacking vulnerability in Google Chrome by overlaying an invisible div on a legitimate link, tricking users into clicking a malicious URL. The PoC uses CSS and JavaScript to track mouse movements and redirect users.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Google Chrome (versions affected by CVE-2009-0374)
No auth needed
Prerequisites: User interaction (clicking a link)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Various Sources x_refsource_misc
http://www.secniche.org/gcr_clkj/
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7903
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500533/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500499/100/0/threaded

Scores

EPSS 0.0240
EPSS Percentile 81.9%

Details

Status published
Products (1)
google/chrome 1.0.154.43
Published Jan 30, 2009
Tracked Since Feb 18, 2026