Bugtraq mailing list archives
IE5 Feature/security hole
From: ajp () global2000 net (Anthony Pijerov)
Date: Wed, 24 Mar 1999 16:04:00 -0500
In Internet Explorer 5, there is a feature, that remembers what you type into web page forms, so that if you ever come to enter that field again, it will drop down a box of your previous inputs. (Note, the first time you come to a form, it will ask you wether or not you want to enable this function, and you can say no) Good feature? Perhaps, it could be time saving, when say, having to type in your name on a form everytime. Security Hole? Yes. Credit Card Numbers, social security numbers, usernames, addresses. It will drop down a box with previous entered data. So if you say have a web site were you order stuff online, or entered some sort of data to verify yourself, the next person to use your computer can go to that same site, and have a nice list of what you typed. At a home computer the risk is limited to who you let use your computer, but at things like schools, or other areas where many people share the same computer, this could become a security/privacy problem. I verified it does work with Credit Card numbers on secure sites. I tested on CDNow and amazon.com (pretty popular sites to enter CC info). I think this feature is one that everyone needs to know to make sure is OFF. --------------------------------------------------------------------------- Anthony Pijerov Customer Support: 452-1465 ajp () global2000 net or 1-888-223-INET Customer Support Rep. http://www.global2000.net ----------------------------------------------------------------------------
Current thread:
- IE5 Feature/security hole Anthony Pijerov (Mar 24)
- Re: IE5 Feature/security hole Eilon Lipton (Mar 25)
- <Possible follow-ups>
- Re: IE5 Feature/security hole Juha Jäykkä (Mar 28)
- XFree86 3.3.3 on RedHat 5.2. Why is RedHat waiting?? Domas Mituzas (Mar 29)
- Re: XFree86 3.3.3 on RedHat 5.2. Why is RedHat waiting?? sillyhead (Mar 30)
- XFree86 security problem Patrick J. Volkerding (Mar 31)
- Re: IE5 Feature/security hole Eilon Lipton (Mar 29)
- XFree86 3.3.3 on RedHat 5.2. Why is RedHat waiting?? Domas Mituzas (Mar 29)