Microsoft Internet Explorer 5.0 contains the recently discovered clipboard vulnerability, but now ALL HTML <INPUT> boxes, along with DHTML, can be used to grab your clipboard contents. The default clipboard setting for IE5 is also slacker than before.
93c208044a6cb3ff95fb176590f877b96349f76adbc46a0b2dd9424427eaf80a
Date: Wed, 24 Mar 1999 17:29:49 +0100
From: Juan Carlos Garcia Cuartango <cuartangojc@MX3.REDESTB.ES>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Internet Explorer 5 Paste operations
Greetings,
I have further investigated the Clipboard Vulnerabillity in IE 5.
In IE 4 scripted "paste" operations where only allowed if data
where copied by the IE 4 itself. It was a good security rule.
IE 5 has changed this security policy : scripted "paste" is
allowed for all clipboard origins if the security setting "Allow
paste operations via script" is set to "Enable" (default setting).
We can conclude that clipboard security police is less restrictive
in IE 5 than It was in IE 4.
When I was expecting an stronger security policy in IE 5, the
reality is that IE 5 users are loosing privacy. The clipboard
vulnerability I reported in DHTML Edit control exists in fact in
all the HTML <INPUT> boxes , just performing a javascript command
"document.execCommand("paste");" the clipboard will be made public.
Regards,
Juan Carlos