Yahoo has fixed a flaw in its Web-based e-mail service that exposed Yahoo Mail users to serious attacks, including potential interception of personal data, security company Finjan Software said Wednesday.
Yahoo's mail service contained a so-called malicious script execution flaw, according to Finjan. An attacker could send an e-mail containing malicious script and that code would automatically run once the user opened the message, the company said.
If successful, an attacker could delete files on a victim's computer, steal personal information such as usernames and passwords, credit card numbers and any other information a user inputs on his computer, according to Finjan.
http://www.nwfusion.com/news/2003/1210yahoofix.html
--
Donna
[]Security Software

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic