Yahoo Moves Quickly To Plug Phishing Hole

by admin June 23, 2007 at 3:00 pm

A security researcher is alleging that Yahoo was at risk from a pair of critical phishing and redirection vulnerabilities. One of them may well still be open too.

Security Researcher Aditya K Sood posted a security advisory on a public mailing list explaining that, ” a severe redirection and phishing vulnerability have been found in Yahoo Network.”

According to Sood, the vulnerability could have allowed certain specific URLs linked on the Yahoo network websites to be manipulated to redirect traffic for a malicious purpose like phishing.

Sood alleged that the whole Yahoo network was vulnerable to this type of attack. The researcher does however claim that the issue was reported and patched by Yahoo within 24 hours.

Full story: