
Untrusted Scripted Paste Issue in Internet Explorer 4.01

The "Untrusted Scripted Paste" vulnerability, also known as the "Cuartango" vulnerability, could enable a malicious web site operator to use scripted paste operations to read a file that resides in a known location on a user's system.

Issue

The "Untrusted Scripted Paste" issue involves a vulnerability in Internet Explorer® that could allow a malicious web site operator to circumvent certain Internet Explorer security safeguards. This vulnerability makes it possible for the operator to read the contents of a file on the user's computer, provided the operator knows the exact name and path of the targeted file. It could also be used to view the contents of a file on the user's network, if the user has access to it and the malicious operator knows its direct path name.

The underlying problem is the ability of a script to use the Document.ExecCommand function to paste a filename into the file upload intrinsic control. This should only be possible by explicit user action. Once the filename has been pasted into the control, a subsequent form submission could send the file to a remote web site. If the user has disabled the default warning that is displayed when submitting unencrypted forms, the file would be sent without any warning to the user.
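For reviewing saved page source, the combination described above (a file upload control, a script-driven paste and a script-driven form submission) can be checked for statically. The following is an added example, not code from Microsoft or from this page: `auditPage`, its helpers and both sample pages are constructed for illustration, and the check only sees inline scripts and inline event handlers, so it is a triage heuristic rather than proof either way.

```javascript
// Added example: heuristic static check for the pattern this advisory describes.
// auditPage and the sample pages are constructed for illustration.

// Drop HTML comments so commented-out markup is not counted.
function stripComments(html) {
  return html.replace(/<!--[\s\S]*?-->/g, "");
}

// Gather inline <script> bodies and inline on* event-handler attribute values.
function scriptText(html) {
  const parts = [];
  let m;
  const blockRe = /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi;
  while ((m = blockRe.exec(html)) !== null) parts.push(m[1]);
  const handlerRe = /\son\w+\s*=\s*(?:"([^"]*)"|'([^']*)')/gi;
  while ((m = handlerRe.exec(html)) !== null) parts.push(m[1] || m[2] || "");
  return parts.join("\n");
}

// Report each ingredient separately; the combination is what matters.
function auditPage(html) {
  const clean = stripComments(html);
  const code = scriptText(clean);
  const fileInput = /<input\b[^>]*\btype\s*=\s*["']?file\b/i.test(clean);
  const scriptedPaste = /\.execCommand\s*\(\s*["']paste["']/i.test(code);
  const scriptedSubmit = /\.submit\s*\(\s*\)/.test(code);
  return { fileInput, scriptedPaste, scriptedSubmit,
           suspicious: fileInput && scriptedPaste && scriptedSubmit };
}

// Constructed sample: all three ingredients present.
const SAMPLE_FLAGGED = `
<form method="post" action="/collect" enctype="multipart/form-data">
  <input type="file" name="up">
</form>
<script>
  document.execCommand("Paste");
  document.forms[0].submit();
</script>`;

// Constructed sample: ordinary upload form; the paste call is only page text.
const SAMPLE_BENIGN = `
<form method="post" action="/upload" enctype="multipart/form-data">
  <input type="file" name="doc"> <input type="submit" value="Send">
</form>
<p>Rich-text editors may call document.execCommand("paste").</p>`;

console.log(auditPage(SAMPLE_FLAGGED), auditPage(SAMPLE_BENIGN));
```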

Affected Products

  • Internet Explorer 4.0, 4.01 and 4.01 SP1 on Windows NT 4.0, Windows 95 and Windows 98

Download

Patch: http://www.microsoft.com/windows/ie/security/paste.asp

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: November 18, 1998

Copyright © 1998-2008 PC Tools. All rights reserved.