An ActiveX control shipped with IE can be used to install software components signed by Microsoft without prompting the user. This of course raises trust issues. Someone, not necessarily Microsoft, could use this control to install a Microsoft signed component in your system.
00f3f0b2e0d5491b814f02f98a69262203221432818c66cf49198886b616c325MSIE 4 Privacy Issue: clipboard content can be made public by a javascript code two lines long. Exploit code included.
533480375e13300a1ea411f4dea31920cc0d84718326039eb9f44a2afd0493a2More Microsoft Internet Explorer 5 vulnerabilities! Microsoft Active X control called "DHTML Edit control Safe for Scripting for IE 5" contains security holes that allow public access to the clipboard and cross-frame access, among other things. Exploit code examples included.
c2521e524f27af1a173959487b0052a7eba6c27e26cb67ddea1ef8b99b484082Microsoft Internet Explorer 4.x vulnerability in ActiveX object allows remote attacker to obtain local user's clipboard content with simple JavaScript code.
3a9e7508d8e89ab51d6906bf042aed33297223303be07f2cab87430a42c6fa97
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed