An ActiveX control shipped with IE can be used to install software components signed by Microsoft without prompting the user. This of course raises trust issues. Someone, not necessarily Microsoft, could use this control to install a Microsoft signed component in your system.
a6f230dc95b98b2d73a0f82f61dfe607MSIE 4 Privacy Issue: clipboard content can be made public by a javascript code two lines long. Exploit code included.
7154c397ae28f144018828ec5c3b509dMore Microsoft Internet Explorer 5 vulnerabilities! Microsoft Active X control called "DHTML Edit control Safe for Scripting for IE 5" contains security holes that allow public access to the clipboard and cross-frame access, among other things. Exploit code examples included.
e2fe2708e182aa7971209fcbccc5c672Microsoft Internet Explorer 4.x vulnerability in ActiveX object allows remote attacker to obtain local user's clipboard content with simple JavaScript code.
85b661435c175c23f16f53239f19302b
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed