Security Information Vulnerability Research Security Blog

These bad days of Google’s security team

September 26th, 2007 by Juha-Matti, Filed under: Web, Commentary, Google, Corporate Security

First this week started with news of three serious vulnerabilities in Google’s services and products - via hacademix.net post GoogHOle (XSS pwning GMail, Picasa and almost 200K customers).

But it appears information was public on Sat 22nd Sep already.

The report says Google security team was contacted before the release process. The exact date is not known, however.

DiggRedditSlashdotTwitThisSphinnStumbleUpondel.icio.usFacebookGoogleTechnoratiE-mail this story to a friend!

-

Is your site safe from SQL Injection? Sign up for an Automated Vulnerability Detection Service today!

2 Comments:

  1. Gareth Heyes, on September 27th, 2007 at 12:58 pm Said:

    And now adsense as well:-
    http://www.thespanner.co.uk/2007/09/27/google-adsense-csrf-hole/

  2. Juha-Matti, on October 1st, 2007 at 7:35 pm Said:

    Thanks for this. Information about AdSense was totally new.

Security RSS Subscribe


Vulnerability Scanner