CVE
- Id
- 487
- CVE No.
- CVE-1999-0489
- Status
- Candidate
- Description
- MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.
- Phase
- Modified (19991205-01)
- Votes
- ACCEPT(1) Levy | MODIFY(1) Wall | NOOP(2) Baker, Ozancin | RECAST(1) Prosser | REJECT(1) Christey | REVIEWING(1) Frech
- Comments
- Frech> Wasn"t Untrusted scripted paste MS98-015? I can find no mention of a | clipboard in either. | I cannot proceed on this one without further clarification. | Wall> (source: MS:MS99-012) | Prosser> agree with Andre here. The Untrusted Scripted paste | vulnerability was originally addressed in MS98-015 and it is in the file | upload intrinsic control in which an attacker can paste the name of a file | on the target"s drive in the control and a form submission would then send | that file from the attacked machine to the remote web site. This one has | nothing to do with the clipboard. What the advisory mentioned here, | MS99-012, does is replace the MSHTML parsing engine which is supposed to fix | the original Untrusted Scripted Paste issue and a variant, as well as the | two Cross-Frame variants and a privacy issue in IMG SRC. | The vulnerability that allowed reading of a user"s clipboard is the Forms | 2.0 Active X control vulnerability discussed in MS99-01 | Christey> The advisory should have been listed as MS99-012. | CVE-1999-0468 describes the untrusted scripted paste problem | in MS99-012. | Frech> Pending response to guidance request. 12/6/01.
