Google fixes Gmail bug


Google fixes Gmail bug

Antony Savvas

Google said it has fixed a bug in its web-based Gmail e-mail service that allowed users to read the contents of other people's messages.

Unix community website HBX Networks said the bug was discovered when some of its members sent out a newsletter to themselves as a test before sending it out to everyone.

The HBX site reports, "Gmail messages are vulnerable to interception. An attacker has only to transmit malformed test messages to himself, and information left over in memory, from previous messages, destined for other people, will appear with the test messages in the attacker's inbox. Sometimes, this information could include usernames and passwords."

When the test e-mail arrived in their inboxes, the "Reply To" field in the e-mail header that Gmail displayed contained HTML code, which was the message body of another person's e-mail message.

Google said it corrected the problem, linked to certain characters inserted in the "from" field, soon after it was brought to its attention.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy