XSS exploit hits Gmail

Jun 6, 2007 10:01 GMT  ·  By

One of the most popular mail solutions on the Internet, Google's Gmail, was again affected by a vulnerability that could permit an attacker to view or delete some of the messages stored in an account. The Mountain View company's employees were quick to fix the flaw and repaired it within a few hours of it being reported.

Basically, the vulnerability could be exploited through a malicious page that gave the attacker access to the Gmail account. As The Hacker Webzine reports, it is extremely dangerous because Google keeps all its web-based services, such as Calendar, AdWords and Gmail, on the same sign-on technology. Using a simple vulnerability discovered in the mail solution, the hacker would be able to access all these services.

This is not the first time Gmail has been affected by a security flaw that can allow an attacker to view private information about the account as well as the messages kept in the inbox. Some time ago, the search giant confirmed the existence of numerous vulnerabilities, but only after it had managed to fix them, because it was very important to avoid successful exploitation.

Gmail was released in April 2004 and was extremely attractive to Internet users because it was the first mail solution to offer 1GB of storage. Obviously, the product was periodically improved, and it is now described as the most efficient mail service against spam messages because its filters manage to block the majority of unsolicited emails coming into your inbox.

The XSS security flaw that was just discovered supports Google's statements concerning the security of the mail solution and proves once again that even the Mountain View company can be affected by vulnerabilities. If you didn't know, a critical hole was also discovered in Google Desktop, the downloadable application powered by Google.