it stole my cookie boo hoo and FUCKED WITH ME - causing all sorts of major problems. it stole my mail and server passwords and i don't know what else.
my yahoo weather still says i live in peurto rico or someplace
i ended up not being able to use my computer - and a seemingly endless process of trying to fix things, restore efficiency, and install effective security programmes followed, and it really only ended a month or so ago. although i was able to use my mail again earlier than that. i did end up finding a hidden trojan, etc. but who knows - maybe i succeeded through no action of my own, but simply because yahoo plugged the security hole later last year!
Yahoo Inc. has fixed a security vulnerability in its Yahoo Mail service that could have allowed malicious hackers to hijack accounts and harm users in a variety of ways.
"We have developed a fix for this bug and have deployed it worldwide. Yahoo Mail users will not be required to take any action to be protected from this exploit," said Kelley Podboy, a Yahoo spokeswoman, via e-mail.
Nir Goldshlager and Roni Bachar from Avnet, a computer security company based in Israel, discovered the vulnerability in early August.
It was also possible to steal the recipient's Yahoo Mail cookie, hijack the session and gain access to the person's in-box. "This attack vector could be used to launch a variety of other more sophisticated attacks," Bachar wrote. These could include unleashing worms, installing keylogger programs, phishing and scanning ports on the PC.
After identifying the vulnerability, Bachar and Goldshlager immediately alerted Yahoo, so that the vendor could patch its system. Bachar isn't aware of any known exploits of the vulnerability.