Slashdot Mirror

← Back to Stories (view on slashdot.org)

GMail Vulnerable To Contact List Hijacking

Posted by Hemos on Monday January 1, 2007 @03:09AM from the in-special-circumstances dept.

Anonymous Coward writes "By simply logging in to GMail and visiting a website, a malicious website can steal your contact list, and all their details. The problem occurs because Google stores the contact list data in a Javascript file. So far the attack only works on Firefox, and doesn't appear to work in Opera or Internet explorer 7. IE6 was un-tested as of now."

1 of 139 comments (clear)

Min score:

Reason:

Sort:

Re:Hmm by RvLeshrac · 2007-01-01 07:53 · Score: 0, Flamebait

Better yet, if it was a vulnerability that only affected IE, it would be IE's fault.

Since the vulnerability only shows up in Firefox, however, it obviously must be the website's fault.

Think of the absurdity. "Three individuals purchased steak from Tesco recently. One of the individuals died after braising her cut in potassium cyanide, and a full investigation has been launched against the grocer. The other two individuals cited have suffered no ill effects."

--
This signature does not exist. It has never existed. It is all a figment of your imagination.