homepage Welcome to WebmasterWorld Guest from 54.227.171.163
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Google / Google Desktop Tools and Google Labs Projects
Forum Library, Charter, Moderator: open

Google Desktop Tools and Google Labs Projects Forum

    
IE Design Flaw Lets Hacker Crack Google Desktop
Tropical Island

WebmasterWorld Senior Member tropical_island us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 24574 posted 5:17 pm on Dec 2, 2005 (gmt 0)

From E-Week.com:

[eweek.com...]

Matan Gillon, a hacker from Israel, discovered the vulnerability in the cross-domain protections in Internet Explorer and published a proof-of-concept exploit to show how Google Desktop can be cracked.

"The proof of concept works on a fully patched IE browser (default security and privacy settings) with Google Desktop v2 installed," Gillon said in a note sent to Ziff Davis Internet News.

He also published a detailed explanation of the vulnerability and warned that an attacker simply needs to lure a target to visit a malicious Web page. "Much like classic XSS (cross site scripting) holes, this design flaw in IE allows an attacker to retrieve private user data or execute operations on the [user's] behalf on remote domains," Gillon explained.


 

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Google / Google Desktop Tools and Google Labs Projects
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved