Welcome to WebmasterWorld Guest from 54.167.86.186

Forum Moderators: open

Message Too Old, No Replies

Google Fixes Security Hole

     

Brett_Tabke

12:19 pm on Oct 21, 2004 (gmt 0)

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



[news.zdnet.co.uk...]

According to a report posted to the Bugtraq Security Focus list on Wednesday, Google's new Desktop Search tool did not prevent a hacker from inserting JavaScript, a programming language, into the Web address of its page image, or logo. That vulnerability could have allowed any rogue third party to change the appearance of Google's Web page to ask for personal data such as credit card numbers from its visitors, what's known as a phishing scam, according to the warning.

plumsauce

8:43 am on Oct 31, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member




yeah, and gmail has a new one where the authentication cookie can be hijacked.

there is no known workaround, even if the user changes passwords. a highjacked cookie will remain valid.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month