Signature Detail

HTTP: Internet Explorer Cache clipboardData

This signature detects attempts to exploit a known vulnerability in Microsoft Internet Explorer. IE 5.5 is vulnerable; IE 5 SP2 and 6.0 SP1 are not vulnerable. IE does not confirm that multiple open browser windows are operating in the proper security zones; attackers can obtain sensitive information from the host cache and full Read/Write access to the clipboard (regardless of settings).

Extended Description

Microsoft Internet Explorer provides clipboard access functions to web based applications. IE implements an object, clipboardData, that provides script access to clipboard information. This object is presumably provided to allow temporary storage of data and clipboard manipulation by legitimate applications, for example to facilitate drag-and-drop operations. Unfortunately this could potentially result in disclosure of sensitive information to a hostile web site. This is not strictly a vulnerability, as Microsoft provides settings to disable this functionality, however it is enabled by default and operations of this sort can be conducted without prompting the user. For this reason it should be considered a potential threat.

Affected Products

• Microsoft Internet Explorer 5.0
• Microsoft Internet Explorer 5.0.1
• Microsoft Internet Explorer 5.5
• Microsoft Internet Explorer 6.0

References

• BugTraq: 3862
• CVE: CVE-2002-1671