Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Quote
Websense Security Labs™ has received reports of a new Internet Explorer "zero-day" vulnerability which could allow the launching of code without consent from the end-user. The vulnerability...is similar to the "drag-and-drop" vulnerability that has been exploited in the past.
As the vulnerability outlines, a specially crafted website would have to dupe a user into dragging and dropping an item from one window to the other. Upon releasing the mouse in the newly focused window the code will run without consent.
As the vulnerability outlines, a specially crafted website would have to dupe a user into dragging and dropping an item from one window to the other. Upon releasing the mouse in the newly focused window the code will run without consent.
websensesecuritylabs.com
Internet Explorer Drag-and-Drop Redeux
Back to top
