Yahoo patches vulnerability allowing hackers to eavesdrop on emails

By: Edward Hudson


Yahoo has fixed a flaw in its Mail service that could have allowed hackers to eavesdrop on user emails nearly a year after the same bug was disclosed and patched. Jouko Pynnonen from Finland received $10,000 from Yahoo for disclosing the new vulnerability, which Yahoo fixed last month.

The flaw was a cross-site scripting bug that would have let an attacker read a user’s email or create a virus to infect Yahoo Mail accounts. Pynnonen explained that the victim only had to view an email sent by the attacker for the bug to trigger.

The bug was similar to an old Yahoo Mail flaw that Pynnonen discovered last year that could give hackers complete control of a Yahoo Mail account.

Shortcoming in Yahoo filters

Pynnonen cited a shortcoming in Yahoo’s filter for HTML messages as the cause of the latest vulnerability. The filter is meant to stop malicious code in a message from reaching the user’s browser. According to the researcher, the filter failed to catch all of the data attributes that could be abused, so an attacker could execute arbitrary JavaScript simply by sending a crafted email to the victim.

The researcher discovered the flaw in the email composing view, where the various attachment options drew his attention to a potential bug in the basic HTML filtering. Pynnonen composed an email with several attachments and sent it to an external mailbox. On inspecting the raw HTML of the received email, some suspicious attributes caught his attention.

“What caught my eye were the data-* HTML attributes. First, I realised my last year’s effort to enumerate HTML attributes allowed by Yahoo’s filter didn’t catch all of them.”

Pynnonen suspected that several HTML attributes could be embedded in a message and pass through Yahoo’s HTML filter unchanged. He eventually found a pathological case after composing an email with abusive data-* attributes.
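A deny-by-default attribute filter of the kind the report implies Yahoo’s should have been, as an added example (not Yahoo’s code; the per-tag allowlist, the accepted URL schemes and the sample message are assumptions): every attribute not explicitly listed for its tag, which includes any data-* attribute, is dropped and recorded, so gaps in the allowlist show up in logs rather than in the victim’s browser.

```python
from html import escape
from html.parser import HTMLParser

# Hypothetical per-tag allowlist: exact attribute names only, no prefixes or
# wildcards, so data-* (and anything else not listed) is removed by default.
ALLOWED = {
    "p": set(), "br": set(), "b": set(), "i": set(), "div": set(), "span": set(),
    "a": {"href", "title"},
    "img": {"src", "alt", "width", "height"},
}
SAFE_SCHEMES = ("http://", "https://", "mailto:", "cid:")  # assumption
VOID = {"br", "img"}
SKIP_CONTENT = {"script", "style"}  # text inside these is dropped too


class MessageFilter(HTMLParser):
    """Rebuilds an HTML email keeping only allowlisted tags and attributes."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.dropped = []  # (tag, attr) pairs for audit logging; attr None = whole tag
        self.skip = 0      # nesting depth inside script/style

    def handle_starttag(self, tag, attrs):
        if tag in SKIP_CONTENT:
            self.skip += 1
        if tag not in ALLOWED:
            self.dropped.append((tag, None))
            return
        kept = []
        for name, value in attrs:
            name, value = name.lower(), value or ""
            ok = name in ALLOWED[tag]
            if ok and name in ("href", "src"):  # URL-bearing attributes need a safe scheme
                ok = value.strip().lower().startswith(SAFE_SCHEMES)
            if ok:
                kept.append(f' {name}="{escape(value, quote=True)}"')
            else:
                self.dropped.append((tag, name))
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in SKIP_CONTENT:
            self.skip = max(0, self.skip - 1)
        if tag in ALLOWED and tag not in VOID:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data))


def filter_message(html):
    """Returns (sanitized_html, dropped) so the caller can render one and log the other."""
    f = MessageFilter()
    f.feed(html)
    f.close()
    return "".join(f.out), f.dropped
```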

Yahoo came under fire earlier this year following reports that at least 200 million Mail accounts had been sold on the dark web.
