On 2/25/2011 11:40 PM, Gus Richter wrote:

Background:
I had a link to my log-in page at AOL Mail on my Bookmarks Toolbar. This
is a Netscape.net mail account which I have kept for sentimental
reasons. See my return address.

I clicked on the AOL log-in link an hour ago and was surprised that
instead of taking me to the log-in page at AOL, the link in the
Bookmarks Toolbar changed its icon and actually changed the link to the
Mail.com log-in page and sent me there. Of course I don't have an
account with them and could not sign in. On the same page it asks to
sign up with Mail.com:
<http://www.mail.com/int/?ls=nvd#.1258-bluestripe-login1-undef>

I went to AOL directly and find that AOL still has the AOL AIM Mail
log-in page and my account is still in effect. I added the AOL log-in
link and deleted the Mail.com link. All seems to be back to normal.


The question I have is this:
1. This is MY Bookmarks Toolbar and includes links of MY choosing. How
is it possible that one of my links can be changed by some outside source?
2. If it is as easy as it seems, then could a destructive change (read
security problem) also be possible?


Just a little additional information:

It seems that AOL is now hosting mail for MMC/mail.com domains.

<http://postmaster-blog.aol.com/2009/10/30/aol-hosting-mail-for-mmc/>

--
Gus

_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security

Reply via email to