MS.IE.Valid.File.DragDrop.Code.Embedded
Description
This indicates a possible exploit of a vulnerability in the drag-and-drop feature of Microsoft Internet Explorer.
The vulnerability is due to the application's failure to validate drag and drop events. An attacker may create a malicious web page and send it to a potential victim as an email or a web link. If the user visits the malicious web site or views the malicious e-mail message, the attacker may be able to save a file on the user's system and execute arbitrary code.
Affected Products
Microsoft Internet Explorer 5.01, 5.5, and 6
Impact
Compromised of the affected system.
Recommended Actions
Apply the security patch to the system as given in the Microsoft bulletins MS05-008 and MS05-014.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |