also @ TechSpot: Rumor: AMD "Piledriver" FX CPU production to begin Q3 2012

TechSpot

TechSpot News Products Downloads Forums

Register now for a live online demo to see how the Office 365 suite of tools
- professional email, calendars, video conferencing, and file sharing -

dragDrop invocation IE vulnerability

Discussion in 'General Discussion' started by TS | Thomas, Feb 12, 2003.

Thread Status:: Not open for further replies.

TS | Thomas Newcomer, in training

We already knew pressing the back button on IE is dangerous
(http://online.securityfocus.com/archive/1/267561) So it wont come as a total shock that so is clicking a link The problem lies in the dragdrop method that was added as a method on nearly all HTML elements in ie5.5 This method makes any element act like its being dragged. It is possible to abuse this behaviour to drop text in a html upload control thus allowing you to read any file from an unsuspecting users harddisk.

Would you like to know more? Thanks PivX.

TS | Thomas, Feb 12, 2003

#1

(You must log in or sign up to reply here.)

Thread Status:: Not open for further replies.

TechSpot | Technology News and Analysis
Copyright © 1998-2012, TechSpot, Inc.
Forum software by XenForo™
TechSpot is a registered trademark
All Rights Reserved