A Buzzing Security Bug

February 18th, 2010

A common Web programming error could give hackers a way to take over Google Buzz accounts, a security expert said Tuesday.

The flaw is a “medium-sized problem” with the Buzz for Mobile Web site, said Robert Hansen, CEO of SecTheory, who first reported the issue.

This type of Web programming error, called a cross-site scripting flaw, lets the attacker put his own scripting code into Web pages that belong to trusted Web sites such as Google.com. It is a fairly common flaw but one that can have major consequences when exploited on widely used Web sites.

Wow. Thank goodness Google is already working on a patch, right?

– Posted with Stuffr! –

Sphere: Related Content

Posted in Virus Alerts

Comments are closed.

Recent Comments

goldcoaster on Another New iPhone On The Way?
what nand chips do they use at the moment, is it 4... »
Local Search Engine Optimization on The Latest And Greatest
I like apple but I do not like the 17 inch macbook... »
Chris Kindle on Kindle 2.0
Just came across your blog on Google. Interesting... »
GoldCoaster on The Death Of An OS
Palm OS is really old now and they hadn't really i... »
GoldCoaster on The Six Flavors Of Seven
I love Vista much more than XP (I still use both) ... »
Older »

An Endorsement

The following endorsement is a personal one involving my mother's cousin, who is one of the most awesome people I know.

Are you interested in learning more about safe and effective Lap-Band® Surgery?

JoAnn Jackson, RN, BSN, of Dr. Kuri & Associates, can answer your questions. She had the surgery in January 2006, lost more than 100 lbs, and most importantly, has kept it off with minimal effort. Contact her by submitting a request, or call her at 1-888-223-4046. She can help you gain back control of your health and life.

All other material and brand or product names are copyright and/or registered trademarks of their respective holders.

E-Mail sent to any alligatorpit.com address, or the feedback address listed at the top of the page, may be considered for publication unless the recipient is expressly notified otherwise.

This weblog is licensed under a Creative Commons License.