Google Fixes Security Hole Google Desktop Tools and Google Labs Projects forum at WebmasterWorld

Welcome to WebmasterWorld Guest from 184.72.184.104
register, login, search, subscribe, help, library, PubCon, announcements, recent posts, open posts,

Pubcon Platinum Sponsor

Home / Forums Index / Google / Google Desktop Tools and Google Labs Projects

Forum Library : Charter : Moderator: open
Google Desktop Tools and Google Labs Projects Forum

Google Fixes Security Hole

Brett_Tabke

msg:1104085

12:19 pm on Oct 21, 2004 (gmt 0)

[news.zdnet.co.uk...]

According to a report posted to the Bugtraq Security Focus list on Wednesday, Google's new Desktop Search tool did not prevent a hacker from inserting JavaScript, a programming language, into the Web address of its page image, or logo. That vulnerability could have allowed any rogue third party to change the appearance of Google's Web page to ask for personal data such as credit card numbers from its visitors, what's known as a phishing scam, according to the warning.

plumsauce

msg:1104086

8:43 am on Oct 31, 2004 (gmt 0)

yeah, and gmail has a new one where the authentication cookie can be hijacked.

there is no known workaround, even if the user changes passwords. a highjacked cookie will remain valid.

Global Options:

top

home

open messages

active posts

Home / Forums Index / Google / Google Desktop Tools and Google Labs Projects

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
WebmasterWorld ® and PubCon ® are a Registered Trademarks of Pubcon Inc.
© Pubcon Inc. 1996-2012 all rights reserved

Google Desktop Tools and Google Labs Projects Forum