Intrusion Prevention



This indicates a possible exploit of a vulnerability in the drag-and-drop feature of Microsoft Internet Explorer.
The vulnerability is due to the application's failure to validate drag and drop events. An attacker may create a malicious web page and send it to a potential victim as an email or a web link. If the user visits the malicious web site or views the malicious e-mail message, the attacker may be able to save a file on the user's system and execute arbitrary code.

Affected Products

Microsoft Internet Explorer 5.01, 5.5, and 6


Compromised of the affected system.

Recommended Actions

Apply the security patch to the system as given in the Microsoft bulletins MS05-008 and MS05-014.

CVE References