Quick Fix for Gmail Flaw

Google has fixed a flaw that would have allowed Web sites to harvest e-mail addresses from Gmail contact lists.

For an attack to work, a user would have to log into a Gmail account and then visit a Web site that incorporates specially designed JavaScript code. This could have allowed spammers to collect reams of new e-mail addresses.

Proof-of-concept code was publicly posted, and Google appears to have fixed the problem within 30 hours of being notified, wrote Haochi Chen, a blogger who tracks the company. A Google spokeswoman in London confirmed today that the problem was fixed.

Thanks to Jeremy Kirk of the IDG News Service London bureau for the report.

Comments

The flaw has not been fully resolved. Google fixed the specific URL used by the proof-of-concept, however with slight modifications the vulnerability is exposed again.

The URLs below have more information:

http://harshdeep.wordpress.com/2007/01/02/google-how-not-to-fix-a-security-flaw/
http://cyber-knowledge.net/blog/2007/01/02/gmails-flaw-is-now-fixed/

floatingatoll

January 02, 2007

8:05 AM PT

microsoft office outlook 2003 installed in my comp. from time to yime I use it. but when I was checking to find out how much space programs are using in my hard drive I found out that the outlook use 3.18GB space there. when I gog to my local settings and try to open the application data what is stored in it. windows cannot open pst. file it says and whatever I try I cant open it. anyone knows how I can do it. and is it normal that outlook use that much space??

thanks for suggestions from now.

itec

lucky37

January 02, 2007

3:13 PM PT