Microsoft Internet Explorer dragDrop Method Local File Reading Vulnerability

info
discussion
exploit
solution
references

Microsoft Internet Explorer dragDrop Method Local File Reading Vulnerability

The following proof of concept web page was provided by "jelmer" <jelmer@kuperus.xs4all.nl>:

http://kuperus.xs4all.nl/security/ie/xfiles.htm