New York Web Design News October 22 2005, the latest breaking New York Web design news brought to you by,
Web Designs Now,Website Designs Now,New York Web Design Homepage,Web Design Services for New York, Connecticut, Long Island,New York Web Design Client Testimonials,Website Portfolio of New York Web Design, About this New York Web Design Firm,Contact this New York Web Design Firm

Yahoo Web Mail Security Flaw
Web Design & Technology News, October 22, 2005

Colleges Protest Web-Wiretapping
Flock Web 2.0 Browser
Yahoo Web Mail Security Flaw
Zend Core: PHP for Oracle
Oracle Acquires InnoDB
Web Blackout Sparks Legal Talks
IBM Power5+ Unix Web Servers
Worm Spoofs Web Search Engines
Red Hat Linux Beats Estimates
Microsoft Confirms XP SP3

More Web Design News:
2007 Current News
2007 May
2007 March
2006 November
2006 September
2006 August
2006 July
2006 June
2006 May
2006 April
2006 March
2006 February
2006 January
2005 December
2005 November
2005 October
2005 September
2005 August
2005 July
2005 June
2005 May
2005 April
2005 March
2005 February
2004 March
2004 February
2004 January
2003 December
2003 November
2003 October
2003 September
2003 August
2003 July
2003 June
2003 March - May


October 22, 2005

Yahoo has fixed a security flaw in its free Web-based e-mail service that opened the door to phishing scams, account hijacks and other attacks.
By Joris Evers

The flaw, known as a cross-site scripting vulnerability, existed because Yahoo's Web site did not detect certain script tags in combination with certain special characters, according to SEC Consult, which issued an advisory on the flaw Friday.

Cross-site scripting flaws are found regularly, including recently in Google's Web site and earlier this year in Microsoft's Xbox 360 site.

Flaws have also been found on Yahoo's site. An attacker could exploit this type of flaw to hijack user accounts, launch information-stealing phishing scams or even download malicious code onto users' computers, experts have said.

A Yahoo representative said it fixed the most recent flaws in the "last few weeks" and that its users are protected.

"Yahoo recently learned of an issue in Yahoo Mail and worked immediately to begin rollout of a server-side fix which does not require users to take any action," said Karen Mahon, a Yahoo spokeswoman. "We are unaware of any users who were impacted by this issue."

Web Designs Now
Back to the Top
 © Copyright 2007, All rights reserved  |  Privacy Web Design Forums  |  Web Design News  |  Advertise  |  About Us  |  Contact Us  |  W3C HTML 
 Related Websites: New-York-WebDesign.com