Title :
The Confused Deputy and the Domain Hijacker
Author :
Ahmad, D. ; Arce, Irwin
Author_Institution :
Bombardier Aerosp., Farnborough
Abstract :
The Gmail vulnerability allowed unauthorized parties to add custom mail filters to target Gmail accounts. The only requirement was that the target users visit a Web site with malicious content while signed into Gmail
Keywords :
authorisation; computer crime; unsolicited e-mail; Gmail vulnerability; Web site security; e-mail security; Authorization; Forgery; Graphics; Information services; Internet; Matched filters; Postal services; Privacy; Security; Web sites; Attack Trends; Gmail; Gmail vulnerability; attacks; cross-site request forgery; domain hijacking; vulnerabilities;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2008.25
