Date: Wed, 24 Mar 1999 17:29:49 +0100
From: Juan Carlos Garcia Cuartango <cuartangojc@MX3.REDESTB.ES>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Internet Explorer  5 Paste operations


Greetings, 

I have further investigated the Clipboard Vulnerabillity in IE 5. 
In IE 4 scripted "paste" operations where only allowed if data 
where copied by the IE 4 itself. It was a good security rule. 
IE 5 has changed this security policy : scripted "paste" is 
allowed for all clipboard origins if the security setting "Allow
paste operations via script" is set to "Enable" (default setting). 
We can conclude that clipboard security police is less restrictive 
in IE 5 than It was in IE 4. 

When I was expecting an stronger security policy in IE  5, the 
reality is that  IE 5 users are loosing privacy. The clipboard 
vulnerability I reported in DHTML Edit control exists in fact in 
all the HTML  <INPUT> boxes , just performing a javascript command 
"document.execCommand("paste");" the clipboard will be made public.

Regards,

Juan Carlos