| Thread Tools |
18th March 2016, 11:45 | #1 |
[M] Reviewer Join Date: May 2010 Location: Romania
Posts: 148,618
| Yahoo Fixes Email Address Spoofing Bug I wonder how long this was an issue before this guy discovered it? As easy as this was to pull off, I'm actually surprised hackers weren't exploiting this already. Remote attackers are able to spoof the sender name of yahoo email users to send a spoofed sender with spoofed content. After investigation in the vulnerability we discovered that it is located in the yahoo classic web application product. Attackers are able to perform the malicious interaction via the yahoo classic mail service. The vulnerability is located in the `compose message` module of the web service. The request method to inject or intercept as reply is POST. http://www.hardocp.com/news/2016/03/..._spoofing_bug/ |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Yahoo Mail drops passwords and adds third-party email support for new apps | Stefan Mileschin | WebNews | 0 | 16th October 2015 09:04 |
Yahoo wants to keep your email safe from prying eyes | Stefan Mileschin | WebNews | 0 | 8th August 2014 07:20 |
How to Add an Email Address to the Safe Senders List in Outlook 2013 | Stefan Mileschin | WebNews | 0 | 25th March 2014 07:37 |
NSA collecting email and messaging contacts worldwide, Yahoo moves to encrypt webmail | Stefan Mileschin | WebNews | 0 | 15th October 2013 08:40 |
Interested in Having an NSA.org Email Address? | Stefan Mileschin | WebNews | 0 | 16th September 2013 11:05 |
Yahoo shutters its email service in China | Stefan Mileschin | WebNews | 0 | 20th August 2013 08:30 |
iPhone reportedly vulnerable to text message spoofing flaw | Stefan Mileschin | WebNews | 0 | 20th August 2012 06:44 |
Firefox Spoofing Bug Puts Passwords At Risk | jmke | WebNews | 0 | 4th January 2008 17:25 |
Thread Tools | |
| |