Welcome, Guest. Please login or register.

Author Topic: Yahoo and Hotmail e-mail accounts at risk  (Read 1110 times)


0 Members and 1 Guest are viewing this topic.

Offline blobranaTopic starter

  • Hero Member
  • *****
  • Join Date: Mar 2002
  • Posts: 4743
    • http://mysite.wanadoo-members.co.uk/blobrana/home.html
Yahoo and Hotmail e-mail accounts at risk
« on: March 24, 2004, 12:56:14 AM »
this may affect some of the members here (oh, misses!)...

Yes, another severe security vulnerability...
Flaws in the filtering technology used by Web-based email services Yahoo and Hotmail, make it possible for hackers to smuggle viruses past defences.
this "severe security" vulnerability could allow attackers to run code of their choice, "simply by sending an email to an unsuspecting Hotmail or Yahoo! user". When the victim attempts to read this email, the code executes to potentially dire consequence (e.g. theft of the user's login and password, seizure of machines etc.). The problem stems from a Cross-Site Scripting vulnerability involving IE. To blame is a new way to embed script involving an IE technology called HTML+TIME (based on SMIL), which is meant to add timing and media synchronisation support to HTML pages.

BTW i`m testing Mozilla 1.7beta  just now  (er, it has only crashed twice in two days. but still worth a look in)

P.S.  NO FIX for vulnerability ISSUED YET....