[nycphp-talk] javascript vulnerability
Preston-Campbell
brian at preston-campbell.com
Mon Jul 29 16:41:23 EDT 2002
I think I'm just going to go with plan "A". There is no mention of a
problem in Linux -- big surprise.
<snip>
The discoverer of this issue has reported that Microsoft does not feel this
is a valid vulnerability. A workaround for Internet Explorer is to disable
the ability of script code to manipulate/interact with the clipboard/cut and
paste functionality.
To do so, users should:
- Click on the "Tools" toolbar pulldown
- Select "Internet options"
- Click on the "Security" tab
- For each of the zones that you wish to disable the feature:
- Click "Custom Level"
- Go to the "Scripting" sub-section
- Set "Allow paste operations via script" to "Disable"
Another, broader workaround is to disable scripting completely. This may
adversely affect your browsing abilities.
</snip>
Brian
----- Original Message -----
From: "Analysis & Solutions" <danielc at analysisandsolutions.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Monday, July 29, 2002 3:34 PM
Subject: [nycphp-talk] javascript vulnerability
> Hi Folks:
>
> Nice meeting some of you last week. Security Focus' latest weekly
> contains a notice about a JavaScript vulnerability. In some ways, it's
> just another incantation of prior problems.
>
> http://www.securityfocus.com/bid/5290
>
> Anyway, it's a good reason to keep JS off in your browser. And another
> good not to rely on it on your websites.
>
> Enjoy,
>
> --Dan
>
> --
> PHP classes that make web design easier
> SQL Solution | Layout Solution | Form Solution
> sqlsolution.info | layoutsolution.info | formsolution.info
> T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
> 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
>
>
>
More information about the talk
mailing list