• Quote of the Day
    "Our job in this lifetime is not to shape ourselves into some ideal we imagine we ought to be,
    but to find out who we already are and become it."
    Steven Pressfield, posted by David Baxter

David Baxter

Administrator
Joined
Mar 26, 2004
Messages
38,190
Points
113
GMail JS Security Flaw Exposes All Your Contacts
By: graywolf
1st Jan 2007

Engadget does a nice job of explaining what's going on in Gmail bug exposes your mail account to spammers:

Well, we hate to break the bad news at the dawn of the new year but there's a weakness in Gmail which exposes your email address to any web site capable of exploiting the bug. As reported on Digg, the exploit takes advantage of the fact that Google puts your details into a JS file. As a result, if you're logged into Gmail and browsing the web, any rogue website can declare the function "google" and then parse all your contacts.​
 

David Baxter

Administrator
Joined
Mar 26, 2004
Messages
38,190
Points
113
Google Patches Serious Gmail Contacts Bug

Google Patches Serious Gmail Contacts Bug
January 2, 2007

Engadget's summary of a serious bug in Google's Gmail, where web sites can retrieve your Gmail contact list, through a JavaScript loophole, has now been fixed. The bug allowed web sites to pull your Google contact list, if you were still logged into your Google account and had JavaScript enabled (which is most people who use Gmail).
 

Top Bottom