Internet Explorer drag and drop vulnerability

Discussion in 'other security issues & news' started by ronjor, Aug 19, 2004.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,728
    Location:
    Texas
    Description:
    http-equiv has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

    The vulnerability is caused due to insufficient validation of drag and drop events issued from the "Internet" zone to local resources. This can be exploited by a malicious website to e.g. plant an arbitrary executable file in a user's startup folder, which will get executed the next time Windows starts up.

    http-equiv has posted a PoC (Proof of Concept), which plants a program in the startup directory when a user drags a program masqueraded as an image.

    NOTE: Even though the PoC depends on the user performing a drag and drop event, it may potentially be rewritten to use a single click as user interaction instead.

    This vulnerability is a variant of an issue discovered by Liu Die Yu.
    SA9711

    The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2.

    Solution:
    Disable Active Scripting or use another product.

    Secunia
     
  2. Pigman

    Pigman Registered Member

    Joined:
    May 15, 2004
    Posts:
    381
    How many vulnerabilities is that now? :p
     
Loading...
Thread Status:
Not open for further replies.