GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Whats on your clipboard (Serious Stuff) IE Vulnerability

kirupai · 02-13-2004, 09:40 PM

Ok go to this website:

http://www.infinitybit.com/comsec/clippy.html

As you can see it will show what is currently stored on your clipboard this a serious flaw on IE and it has been for more than 3 yeras. Now how is this dengerous... well lets say you have some sensitive data on your clipboard you visit a website it loads and it mails a form with a field from your clipboard and thats all it takes.

Solution:

Users can close this hole by changing the default Internet setting. Preferably, Microsoft
should change the default option to prompt on the Internet zone.

To close this hole in ~7 clicks: Tools, Internet Options, Security, Internet Zone,
Custom Level, Scripting, Allow paste options via scripting -> Disable.

Credits: Steven Vittitoe and Blake Sterzinger

02-13-2004, 09:40 PM
kirupai Confirmed User Join Date: Aug 2003 Location: California Posts: 894	Whats on your clipboard (Serious Stuff) IE Vulnerability Ok go to this website: http://www.infinitybit.com/comsec/clippy.html As you can see it will show what is currently stored on your clipboard this a serious flaw on IE and it has been for more than 3 yeras. Now how is this dengerous... well lets say you have some sensitive data on your clipboard you visit a website it loads and it mails a form with a field from your clipboard and thats all it takes. Solution: Users can close this hole by changing the default Internet setting. Preferably, Microsoft should change the default option to prompt on the Internet zone. To close this hole in ~7 clicks: Tools, Internet Options, Security, Internet Zone, Custom Level, Scripting, Allow paste options via scripting -> Disable. Credits: Steven Vittitoe and Blake Sterzinger