Advisory: Gmail – Google Docs Cookie Hijacking through PDF Repurposing

Google docs network was vulnerable to PDF re purposing attacks. The vulnerability was disclosed to Google with a discretion. This is done to mitigate the risk . Google has worked over it and patched it with in a period of 5 days. The Google doc has been refined and support for adobe plugin is removed.

The user security is the prime issue because millions of user were at risk if this attack persisted in the open environment. Integrated accounts were more susceptible as certain credentials could be used to access other accounts.

Thanks to Google for considering the recommendation and changing the working behavior of specific components at risk.

The detailed advisory is released here:

[private]

http://www.secniche.org/gmd_hijack/gc_hijack.xhtml

PDF: http://www.secniche.org/gmd_hijack/advisory_gmail_google_docs_pdf_repurposing_attack.pdf

[/private]

By Sam Kinch|2011-04-08T13:43:11-05:00May 9, 2009|Hackers For Charity, Informer Blog, Long Journey To Africa|Comments Off

Advisory: Gmail – Google Docs Cookie Hijacking through PDF Repurposing

Advisory: Gmail – Google Docs Cookie Hijacking through PDF Repurposing

Happy New Year from Jinja, Uganda

Computer Training Center Graduation 2022

Computer Training Center Update – November 2022

Your donations at work!

Advisory: Gmail – Google Docs Cookie Hijacking through PDF Repurposing

Share This Story, Choose Your Platform!

Related Posts

Happy New Year from Jinja, Uganda

Computer Training Center Graduation 2022

Computer Training Center Update – November 2022

Your donations at work!