http://www.wilderssecurity.com/showthre ... ost2148480
http://krebsonsecurity.com/2012/11/yaho ... tches-700/
[quote]A zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious Web sites offers a fascinating glimpse into the underground market for large-scale exploits.
The exploit, being sold for $700 by an Egyptian hacker on an exclusive cybercrime forum, targets a “cross-site scripting
Yahoo exploited read link
Yahoo exploited read link
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
Supposedly the NoScript addon for FireFox offers protection against XSS attacks ... http://noscript.net/features#xss
Yahoo exploited read link
The thing is... there have been many vulnerabilities discovered involving cross-site scripting which have been fixed to date as explained here. So, I am thinking that this must be a new security risk that will have to be addressed. Unfortunately, it doesn't appear to be a "one size patch fixes all" kind of problem.
Monsie
Monsie
My [u]username[/u] is pronounced: "mun-see". Derived from my surname, it was my nickname throughout high school.