Thursday, November 25, 2010

Vulnerability regarding "Allow paste operations via script"


by Nami

Sleipnir with default settings has vulnerability that content on your clipboard might be sniffed or altered by websites.  We updated Sleipnir at 3pm today in Japan time, so please make sure to overwrite your Sleipnir or set its settings as follows.

Sleipnir 2.9.6 download page

If you are using IE6:
1. Choose "Tools -> Internet Option"
2. Choose "Security" tab and click "Custom Level"
3. Go to "script" and set "Allow paste operations via script" "Disable" or "Prompt"
* You need to change only "Internet Option", not "Sleipir Option."

If you are using IE7:
"Allow paste operations via script" in the "Internet Option" is set "Prompt" by default.

Go to "Sleipbir Option -> View -> Trident Primary -> Detail setting" and check the box of "Enable Script Past Url Action If Prompt."

Thank you.

No comments: