VULHUB ™

Microsoft Internet Explorer provides clipboard access functions to web based applications. IE implements an object, clipboardData, that provides script access to clipboard information. This object is presumably provided to allow temporary storage of data and clipboard manipulation by legitimate applications, for example to facilitate drag-and-drop operations. Unfortunately this could potentially result in disclosure of sensitive information to a hostile web site. This is not strictly a vulnerability, as Microsoft provides settings to disable this functionality, however it is enabled by default and operations of this sort can be conducted without prompting the user. For this reason it should be considered a potential threat.

Microsoft Internet Explorer provides clipboard access functions to web based applications. IE implements an object, clipboardData, that provides script access to clipboard information. This object is presumably provided to allow temporary storage of data and clipboard manipulation by legitimate applications, for example to facilitate drag-and-drop operations. Unfortunately this could potentially result in disclosure of sensitive information to a hostile web site. This is not strictly a vulnerability, as Microsoft provides settings to disable this functionality, however it is enabled by default and operations of this sort can be conducted without prompting the user. For this reason it should be considered a potential threat.