Microsoft Internet Explorer on Windows XP Fails to Restrict Drag and Drop Operations When Configured to Disable These Operations
Categorie: Vulnerability Posted: 2004-10-22 by ReCall Views: 594 Source: Click here
Current Rating: Not rated
Details
Description: A vulnerability was reported in Microsoft Internet Explorer on Windows XP. The browser does not enforce the security preference for "Drag and drop or copy and paste files."
The vendor reported that when the "drag and drop or copy and paste files" setting is configured to 'disable' or 'prompt', the system will permit the operations anyway.
Impact: The system fails to restrict drag and drop operations when the feature is configured to disabled these operations.
Solution: The vendor issued a fix as part of MS04-038, described at:
