Google Information for VU#612636
Google SAML Single Sign on vulnerability
- Vendor Information Help Date Notified: 18 Jun 2008
- Statement Date:
- Date Updated: 02 Sep 2008
Status
Affected
Vendor Statement
Google was notified of this issue a few months ago. Once notified, work proceeded swiftly to provide a safe solution for customers. Google notified customers that could be vulnerable directly, and provided clear instructions on how to protect their systems. There have been no reports of this vulnerability being exploited.
Google would like to thank Alessandro Armando, Roberto Carbone, Luca Compagna, Jorge Cuellar, and Llanos Tobarra Abad with the AVANTSSAR project (http://www.avantssar.eu) for responsibly disclosing this issue and providing technical assistance.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.