The vulnerability was discovered by independent security researcher Petko Petkov, who classified it as a cross-site request forgery.
The attack is triggered when a user visits a website containing malicious code while logged into Gmail. The code executes a special command to access the Gmail account and sets up a new filter without the user's knowledge.
An attacker could configure the filter to forward any archived or future messages with certain keywords or senders' names to another email account.
Petkov did not release any details about the attack until Google had issued a fix.
The researcher argued that the attack could be more dangerous than system-based malware because a filter could be used to pick out precise personal details, such as bank account information.
"In an age when all the data is in the cloud, it makes no sense for the attackers to go after your box," Petkov wrote. "It is a lot simpler to install one of these persistent backdoor/spyware filters."
A Google spokesperson confirmed the vulnerability to www.vnunet.com but stressed that no attacks had been reported.
Users looking to verify that their Gmail accounts are still secure can check their active email filters by clicking on the 'Filters' tab in Gmail's 'Settings' panel.
Google plugs Gmail security hole
By Shaun Nichols on Oct 2, 2007 7:19AM