(http://online.securityfocus.com/archive/1/267561) So it wont come as a total shock that so is clicking a link :) The problem lies in the dragdrop method that was added as a method on nearly all HTML elements in ie5.5 This method makes any element act like its being dragged. It is possible to abuse this behaviour to drop text in a html upload control thus allowing you to read any file from an unsuspecting users harddisk.
Would you like to know more? Thanks PivX.
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.