homepage Welcome to WebmasterWorld Guest from 23.22.97.26
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Google / Google Finance, Govt, Policy and Business Issues
Forum Library, Charter, Moderators: goodroi

Google Finance, Govt, Policy and Business Issues Forum

    
Gmail exploit, allows website to get your contact list.
outrun




msg:3204943
 12:51 pm on Jan 1, 2007 (gmt 0)

the exploit takes advantage of the fact that Google puts your details into a JS file. As a result, if you're logged into Gmail and browsing the web, any rogue website can declare the function "google" and then parse all your contacts.

[engadget.com...]

Best thing to do for now is to log out of google services and clear your cache, until the problem is fixed.

 

Span




msg:3204944
 12:57 pm on Jan 1, 2007 (gmt 0)

It seems they fixed it: [blogs.zdnet.com ]

outrun




msg:3204956
 1:09 pm on Jan 1, 2007 (gmt 0)

There is a website that actually shows you,your contact list, After logging in and out, I tried it and it still shows all my contacts its not showing my email address but its showing my entire contact list.

<edit>
The website:
[googlified.com.googlepages.com...]
</edit>

Span




msg:3204959
 1:28 pm on Jan 1, 2007 (gmt 0)

Not fixed indeed. Interesting. It shows the gmail address of a relative (not mine) and my contactlist..

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Google / Google Finance, Govt, Policy and Business Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved