Description
Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration.
Product(s):
- Microsoft IE 6.0 SP1
- Microsoft IE 6.0 Service Pack 2
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 -
- Microsoft Internet Explorer 6.0 Service Pack 1
- Microsoft Windows XP 64-bit
- Microsoft Windows XP Embedded
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Media Center Edition
- Microsoft Windows XP Gold Professional
- Microsoft Windows XP SP1 64-bit
- Microsoft Windows XP SP1 Embedded
- Microsoft Windows XP SP1 Home
- Microsoft Windows XP SP1 Media Center
- Microsoft Windows XP Service Pack 2 Home Edition
- Microsoft Windows XP Service Pack 2 Media Center Edition
- Microsoft Windows XP SP2 Tablet PC
- Microsoft windows xp_gold embedded
- Microsoft Windows XP (gold) Home Edition
- Microsoft windows xp_gold media_center
- Microsoft Windows XP Professional Gold
- Microsoft windows xp_sp1 embedded
- Microsoft Windows XP Service Pack 1 Home Edition
- Microsoft windows xp_sp1 media_center
- Microsoft windows xp_sp2 embedded
- Microsoft windows xp_sp2 media_center
- Microsoft windows xp_sp2 tablet_pc
- Microsoft Windows XP Service Pack 3 Embedded Edition
- Microsoft Windows XP Service Pack 3 Home Edition
- Microsoft Windows XP Service Pack 3 Media Center Edition
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2004-0979, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2004-0979 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.