/?pid=security-researcher-goes-public-with-msn-and-amazon-flaws-1198

Updated:12:18 PM EST Nov 17
this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
ARTICLES
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
FORUMS
LINKS


(C) 2006-2025 TechAmok Independent
All Rights Reserved.


 
 Security Researcher Goes Public with MSN and Amazon Flaws - TechAmok

Security Researcher Goes Public with MSN and Amazon Flaws - [security]
04:58 PM EDT - Jul,02 2006 - post a comment

Frustrated with what he calls a lack of response from Microsoft and Amazon.com, a security researcher has gone public with details of flaws on the two companies' Web sites. The flaws could be used by attackers to steal "cookie" data files that would allow them to access Amazon.com and MSN accounts, or to display a fake login page that could be used in phishing attacks, according to Yash Kadakia, the independent security researcher who discovered the flaws.
Although the cross-site scripting flaws he discovered are generally considered to be low-risk problems, Kadakia's attack involves a technique called CRLF (Carriage Return Line Feed) injection, which can be used in a more serious and widespread attack, he said. Kadakia said he first notified Microsoft of the problem about a year ago. But he said he was not taken seriously until late last week, when he posted screen shots of the flaw being exploited on his Web site.

The Amazon.com flaw was discovered in December, but after some initial discussions with the Web retailer, the vulnerability remained unpatched, Kadakia said. "The conversations got dropped off somewhere," he said. A spokesman for Microsoft's public relations agency said the flaws were now being investigated. Amazon.com executives were unable to comment for this story.

Short overview of recent news articles

Rainbow Six Siege X - Official 'Team Rainbow's Last Mission' (Nov,17 2025 )

Stranger Things Seasons 1-4 Recap (Nov,17 2025 )

Kill Bill: The Whole Bloody Affair - Official Trailer (2025) Uma (Nov,16 2025 )

The Devil Wears Prada 2 - Official Teaser Trailer (2026) Meryl (Nov,15 2025 )

Valve’s New Console and Controller - STEAM Machine & STEAM (Nov,15 2025 )

Valve Steam Machine, Desktop SteamOS, Steam Frame VR, & Controller | (Nov,15 2025 )

Battlefield REDSEC - Official Live-Action Trailer (Nov,01 2025 )

What's the Best PC Upgrade (besides CPU/GPU)? (Nov,01 2025 )

Directive 8020 - RTX On Trailer (Oct,31 2025 )

Stranger Things 5 - Official Trailer (Oct,30 2025 )

AMD Releases Software Adrenalin Edition 25.10.2 WHQL Drivers (Oct,29 2025 )

Exploding AMD CPUs | Investigating ASRock's Murderboards (Oct,29 2025 )

Setting Up Our First Huge Gaming Event was CHAOS (Oct,29 2025 )

Malware of the Future: What an infected system looks like in 2025 (Oct,27 2025 )

F1: Race Highlights | 2025 Mexico City Grand Prix (Oct,27 2025 )

F1: Qualifying Highlights | 2025 Mexico City Grand Prix (Oct,26 2025 )

New Big Windows 11 25H2 October Update - New Taskbar Battery Icons (Oct,25 2025 )

Apple Prepping 'Transfer to Android' Feature, Including 3rd-Party (Oct,25 2025 )

HW News - RIP Internet, RAM Prices Skyrocket from AI Demand, Intel (Oct,24 2025 )

Retro Gaming PC Upgrades go WRONG! (Oct,21 2025 )

How social media has ruined us - the more time you spend online, the (Oct,21 2025 )

FERRARI 12 CILINDRI // 340KMH REVIEW on AUTOBAHN (Oct,20 2025 )

ROG Xbox Ally X - a PC Gamer's Perspective (Oct,20 2025 )

Race Highlights | 2025 United States Grand Prix (Oct,20 2025 )

RedMagic Puts Liquid Cooling in its New Gaming Phone (Oct,18 2025 )

Russia Says U.S. Is Planning a $37 Trillion Crypto Reset (Oct,18 2025 )

Tor Browser says no to Firefox's AI features as it removes them (Oct,18 2025 )

NVIDIA GeForce 581.57 WHQL Driver (Oct,14 2025 )

Samsung One UI 8.5 vs iOS 26 - COMPARISON (Oct,13 2025 )

Google Turned Down by Supreme Court, Must Open up App Payments (Oct,12 2025 )

AMD releases new 25.10.1 preview graphics driver with Battlefield 6 (Oct,10 2025 )

MERCY Official Trailer (2026) Chris Pratt (Oct,10 2025 )

Galaxy S26 Ultra - Samsung, Please Don't Copy This (Oct,07 2025 )

Canada's Las Vegas Sphere is here - and I game on it (Oct,06 2025 )

Predator: Badlands - Official Final Trailer (2025) (Oct,06 2025 )

Chasing a Gaming World Record (Oct,04 2025 )

Frankenstein - Official Trailer (2025) Guillermo del Toro, Oscar (Oct,02 2025 )

iPhone 17 Pro Max vs 16 Pro Max / Pixel 10 Pro XL / Galaxy S25 Ultra (Oct,02 2025 )

iOS 26.0.1 is Out! - What's New? (Sep,30 2025 )

NEW! 2026 Audi Q3 2.0 TFSI (265hp) vs. e-hybrid (272hp)| 0-100 km/h (Sep,30 2025 )

Samsung One UI 8.5 Hands on - I Was Wrong (Sep,29 2025 )

iPhone Air Teardown - What is 3D Printed Titanium? (Sep,28 2025 )

Nvidia Wouldn't Send Me This $30,000 GPU - H200 Holy $H!T (Sep,28 2025 )

The Astronaut - Official Trailer (2025) Kate Mara, Laurence (Sep,27 2025 )

iPhone 17 Durability Test -- What Scratches are Permanent? (Sep,25 2025 )

iPhone 17 Pro Max vs. Galaxy S25 Ultra Drop Test! (Sep,23 2025 )

Race Highlights: A Swing In The Drivers' Title Fight? | 2025 (Sep,21 2025 )

BYD Yangwang U9 Hits 496.22 KM/H - EV Supercar Speed Record (Sep,21 2025 )

I'm FIRST to Unbox The World's Biggest TV (Sep,21 2025 )

Samsung Begins Rollout of Android 16 to Rest of Lineup (Sep,21 2025 )

>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs