Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Google

+ - GMail Exploit Is Now Fixed

Submitted by
Rub3X
Rub3X writes: "Earlier I reported that Google had a flaw in which it stores contact details in a JavaScript file on their server. A website could in return declare the function "google", and put all your contacts and their details into an array. From there it could have been parsed and sent to the malicious server using Ajax. Earlier today there were reports on zdnet that said the flaw was fixed, however at the time it wasn't true. Currently as of 8 PM EST the flaw has been fixed. When attempting to execute the attack, all you get is a blank page now. Visiting the old page on Google that revealed all the data in an XML file now gives an error. If you don't get the error log out of Google's services and back in."

I am not now, nor have I ever been, a member of the demigodic party. -- Dennis Ritchie

Working...