News

Google fixes Gmail bug

Antony Savvas

Google said it has fixed a bug in its web-based Gmail e-mail service that allowed users to read the contents of other people's messages.

Unix community website HBX Networks said the bug was discovered when some of its members sent out a newsletter to themselves as a test before sending it out to everyone.

The HBX site reports, "Gmail messages are vulnerable to interception. An attacker has only to transmit malformed test messages to himself, and information left over in memory, from previous messages, destined for other people, will appear with the test messages in the attacker's inbox. Sometimes, this information could include usernames and passwords."

When the test e-mail arrived in their inboxes, the "Reply To" field in the e-mail header that Gmail displayed contained HTML code, which was the message body of another person's e-mail message.

Google said it corrected the problem, linked to certain characters inserted in the "from" field, soon after it was brought to its attention.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy