Google said it has fixed a bug in its web-based Gmail e-mail service that allowed users to read the contents of other people's messages.
Unix community website HBX Networks said the bug was discovered when some of its members sent out a newsletter to themselves as a test before sending it out to everyone.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The HBX site reports, "Gmail messages are vulnerable to interception. An attacker has only to transmit malformed test messages to himself, and information left over in memory, from previous messages, destined for other people, will appear with the test messages in the attacker's inbox. Sometimes, this information could include usernames and passwords."
When the test e-mail arrived in their inboxes, the "Reply To" field in the e-mail header that Gmail displayed contained HTML code, which was the message body of another person's e-mail message.
Google said it corrected the problem, linked to certain characters inserted in the "from" field, soon after it was brought to its attention.