Hi, I've noticed a strange behavior in "Yahoo! Mail" when dealing with html attachments. It's possible to insert data into the "Yahoo! Mail" html interface. For example, with the following code in an html attachment it's possible to insert "Your profile is out of date, please update clicking here" above the button "Check Mail". <? <TABLE border="1" cellspacing="1" cellpadding="0"> <TR>Your profile is out of date, please update <a href="www.blabla.com">clicking here.</a></TR> </TABLE> I think this could be used in phishing scam. For a screenshot, see [1]. The circulated text was inserted into interface of the "Yahoo! Mail" through an email with the above code as an html attachment. I tried to contact "Yahoo!" several times, without success. [1] - http://richard.computeiro.com/yahoo_bug.jpg _______________________________________________________ Yahoo! Acesso Grátis: Internet rápida e grátis. Instale o discador agora! http://br.acesso.yahoo.com/
