Home › News › Industry News

Google cookie data leak problem

On January 17, 2005, 4:00 PM

For once, it’s Google in the spotlight for having security deficiencies. Security flaws in some of the company's Web-based products have been uncovered, in particular in Froogle comparison-shopping service.

According to Israeli security researcher Nir Goldshlager, a malicious hacker could exploit the hole by embedding a JavaScript in a URL pointing to Froogle. Once the link is clicked, the JavaScript triggers a browser redirect to a malicious Web site where the target's Google cookie is stolen.

Google has replied that the vulnerability has since been fixed. However, Israeli security researcher Nir Goldshlager, who provided proof-of-concept exploits of the cross-site scripting scenarios to Google, warned that information from stolen cookies can be used even if the password is changed.

"The system authenticates the hacker as the victim, using the stolen cookie file. Thus no password is involved in the authentication process. The victim can change his password as many times as he wants, and it still won't stop the hacker from using his box," Goldshlager said.

No tags on this story

Next Article: Microsoft denies Media Player security flaw

TechSpot on:

Most Popular

Trending

Featured

Featured on Cameras

Downloads and Drivers

Downloads

Drivers

Dropbox for Android 2.3.8

IObit Malware Fighter 2.0

Wise Folder Hider 1.35.71

HelpNDoc 3.9.1

Sublight 4.0

More Downloads

Latest Discussion

Unsure if my new graphics card will work with my PC 8 replies on Audio and Video

Which is the best smartphone to buy? 16 replies on Mobile Computing

The average life of a GPU 15 replies on Audio and Video

How to bypass Iran's Gov filters on Internet 26 replies on Software Apps

Which Wireless Network Card for my MOBO ? 6 replies on Storage and Networking

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.

TechSpot

Welcome to TechSpot

Home › News › Industry News

Google cookie data leak problem

Next Article: Microsoft denies Media Player security flaw

Post a new comment

TechSpot on:

Most Popular

Building a Thin Mini-ITX PC: Small and Silent Performance

Metro: Last Light Tested, Benchmarked

'Supercapacitor' could fully charge your phone in less than 30 seconds

Microsoft launches YouTube app, Google demands it taken down

Bill Gates is once again the richest person in the world

Metro: Last Light Performance, Benchmarked

Building a Thin Mini-ITX PC: Small and Silent Performance

Metro: Last Light Review

Gigabyte U2442F Ultrabook Review

8 Free to Play Games That Are Too Good to Be True

Featured on Cameras

86 Nikon D7100

81 Nikon D5200

72 Nikon 1 J3

83 Canon EOS 650D Rebel T4i

96 Nikon D800E

Downloads and Drivers

Latest Discussion

Subscribe to TechSpot

Featured Tech Content - Inside TechSpot

	Social Login & Guest Posting Post as anonymous user			TechSpot Members Login here or sign up for free, it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.