• Quote of the Day
    "There is nothing like returning to a place that remains unchanged to find the ways in which you yourself have altered."
    Nelson Mandela, posted by Daniel

David Baxter

Administrator
Joined
Mar 26, 2004
Messages
37,859
Points
113
GMail JS Security Flaw Exposes All Your Contacts
By: graywolf
1st Jan 2007

Engadget does a nice job of explaining what's going on in Gmail bug exposes your mail account to spammers:

Well, we hate to break the bad news at the dawn of the new year but there's a weakness in Gmail which exposes your email address to any web site capable of exploiting the bug. As reported on Digg, the exploit takes advantage of the fact that Google puts your details into a JS file. As a result, if you're logged into Gmail and browsing the web, any rogue website can declare the function "google" and then parse all your contacts.​
 

David Baxter

Administrator
Joined
Mar 26, 2004
Messages
37,859
Points
113
Google Patches Serious Gmail Contacts Bug

Google Patches Serious Gmail Contacts Bug
January 2, 2007

Engadget's summary of a serious bug in Google's Gmail, where web sites can retrieve your Gmail contact list, through a JavaScript loophole, has now been fixed. The bug allowed web sites to pull your Google contact list, if you were still logged into your Google account and had JavaScript enabled (which is most people who use Gmail).
 

Top Bottom