Google Blogoscoped

Forum

Google Gears WorkerPool API vulnerability reported

Juha-Matti Laurio [PersonRank 10]

Tuesday, December 9, 2008
14 years ago2,496 views

Version 0.5.4 reportedly includes a fix:
http://www.securityfocus.com/bid/32698/discuss

<<Google Gears is prone to a vulnerability that allows attackers to violate the same-origin policy. This issue occurs because the application fails to properly enforce the same-origin policy when handling WorkerPool objects.>>

[edit: snippet added. -Philipp]

Forum home

Advertisement

 
Blog  |  Forum     more >> Archive | Feed | Google's blogs | About
Advertisement

 

This site unofficially covers Google™ and more with some rights reserved. Join our forum!