Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

GMail Vulnerable To Contact List Hijacking


  • Please log in to reply
28 replies to this topic

#1 TcM

TcM

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 7563 posts

Posted 01 January 2007 - 11:08 AM

"By simply logging in to GMail and visiting a website, a malicious website can steal your contact list, and all their details. The problem occurs because Google stores the contact list data in a Javascript file. So far the attack only works on Firefox, and doesn't appear to work in Opera or Internet explorer 7. IE6 was un-tested as of now."

found it here:-
Slashdot | GMail Vulnerable To Contact List Hijacking
  • 0

#2 Guest_Jordan_*

Guest_Jordan_*
  • Guest

Posted 01 January 2007 - 12:51 PM

Good to know, thanks for the post!
  • 0

#3 TcM

TcM

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 7563 posts

Posted 01 January 2007 - 02:52 PM

Good to know, thanks for the post!


No problem! Welcome
  • 0

#4 xtraze

xtraze

    CC Devotee

  • Just Joined
  • PipPipPipPipPipPip
  • 872 posts

Posted 02 January 2007 - 01:12 AM

I must have been attacked as I always keep logged in my Gmail when I am online. wow, Never knew this. thank you and This only increases spam messages, blow.

am I Hijacked !!! ??? lol
  • 0

#5 TcM

TcM

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 7563 posts

Posted 02 January 2007 - 01:39 AM

I must have been attacked as I always keep logged in my Gmail when I am online. wow, Never knew this. thank you and This only increases spam messages, blow.

am I Hijacked !!! ??? lol


Yes I am always logged too! Well I don't have any important contacts in my list so... don't worry too much ;)
  • 0

#6 xtraze

xtraze

    CC Devotee

  • Just Joined
  • PipPipPipPipPipPip
  • 872 posts

Posted 02 January 2007 - 01:48 AM

me too. And who can be important, and the worst that can happen is SPAM and a great deal of them and I hate them actually but not much harm.
  • 0

#7 Guest_mysticalone_*

Guest_mysticalone_*
  • Guest

Posted 02 January 2007 - 05:59 PM

What if you don't use gmail but do use firefox..would your email still be at risk or is it just with gmail?
  • 0

#8 TcM

TcM

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 7563 posts

Posted 03 January 2007 - 05:10 AM

No no, just gmail, if only you have read the article you would know this!
  • 0

#9 xtraze

xtraze

    CC Devotee

  • Just Joined
  • PipPipPipPipPipPip
  • 872 posts

Posted 04 January 2007 - 01:11 AM

Maybe this is built for Firefox Users and that's why it never harm IE7 Users. Strange.
  • 0

#10 AfTriX

AfTriX

    CC Devotee

  • Just Joined
  • PipPipPipPipPipPip
  • 541 posts

Posted 04 January 2007 - 03:16 AM

Are there any solutions to prevent this Hijacking if we are using FireFox? And What is the status for the Netscape Browser?
  • 0

#11 Guest_littlefranciscan_*

Guest_littlefranciscan_*
  • Guest

Posted 04 January 2007 - 04:14 AM

If it only works with gmail would you think it would also be lurking in google script elsewhere.
  • 0

#12 TcM

TcM

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 7563 posts

Posted 04 January 2007 - 08:13 AM

Are there any solutions to prevent this Hijacking if we are using FireFox? And What is the status for the Netscape Browser?


Yes there is, after you check you emails from gmail don't exit the browser as you still will remain logged in, instead click Log Out and then exit!

Netscape isn't mentioned here so I don't think its effected!
  • 0




Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download