8 replies to this topic

[delivi]

A 14 year old boy known to the world as Antony has found a Vulnerability in Gmail.

The Vulnerability is that,
"the javascriptcode present in the message will run if it is withing the preview of the message".

This vulnerability will lead the hackers to access ones Inbox and execute the code that can stel information like Email Ids or important details from your mails.

The tester has found this vulnerability when he sent a mail containing a javascript code, from his Yahoo ID to GMail.

This Vulnerability is filtered out when a mail containing the javascript code from one GMail ID to another GMail ID.

Read more about this vulnerability from the Finder's site by Clicking here.

[Dragonfly]

No, wonder the original post in the blogspot has so many comments(49). At one point of time most of the email services have had complaints from users, but the good thing about them is that they have always been able to fix the problems.

Let's hope Google Gmail to come out with the same result. I have actually enjoyed much about this awesome service and approach to email by Google.

[iwuvcookies]

This is a little freaky. Something gmail is exposed to. I guess i gotta be more careful. But i usually don't receive mails from people i don' tknow. if it does it'll just be in the spam...

[wild20]

Wow. Thy better come up with a nother code or make it fool proof. That is dangerous and does place google at some liability. Of course, I don't keep anything important in my account anyway, but still, the thought of it will irk me now. Thanks a lot Delivi. Oh well.

What they need is a way to filter out the dangerous code. Maybe re-write gmail's code that it uses. I don't know, just so they get it fixed.

[mama_soap]

Looks fairly non-trivial, but hopefully shouldn't be a problem for the GMail team to get it fixed. Technically, one shouldn't be surprised - after all GMail is in Beta - that is the you've-been-warned phase, so... but I'm a bit worried because GMail has kinda grown on me now and I imagined it was this perfect system, *grin*

[inyourarms]

Maybe I should be really worried or something but I'm not. I hardly ever get emails from people I don't know or from site's I haven't signed up to too ^

[Florisjuh]

Mmh, every system has bugs. A google system having a bug discovered is rather rare tho... At least Google fixed the bug very short after, like we're used from them.

[wariorpk]

That is pretty serious but you have to admit that Gmail is a very safe e-mail provider for the most part. This is the only security problem I have heard of so far. I am sure that Google will fix it so we can all go back to using Gmail safely.

[Cena_54]

Well basically anything and everything contains bugs don't it, but it will most probably fixed in some time so as not to let these bugs be used by hackers new or experienced for them to gain access to peoples gmail inbox.