Vulners
Lucene search
msie.5.0.paste.txt
`Date: Wed, 24 Mar 1999 17:29:49 +0100
From: Juan Carlos Garcia Cuartango <[email protected]>
To: [email protected]
Subject: Internet Explorer 5 Paste operations
Greetings,
I have further investigated the Clipboard Vulnerabillity in IE 5.
In IE 4 scripted "paste" operations where only allowed if data
where copied by the IE 4 itself. It was a good security rule.
IE 5 has changed this security policy : scripted "paste" is
allowed for all clipboard origins if the security setting "Allow
paste operations via script" is set to "Enable" (default setting).
We can conclude that clipboard security police is less restrictive
in IE 5 than It was in IE 4.
When I was expecting an stronger security policy in IE 5, the
reality is that IE 5 users are loosing privacy. The clipboard
vulnerability I reported in DHTML Edit control exists in fact in
all the HTML <INPUT> boxes , just performing a javascript command
"document.execCommand("paste");" the clipboard will be made public.
Regards,
Juan Carlos
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Aug 1999 00:00Current
7.4High risk
Vulners AI Score7.4