New issue
Advanced search Search tips

Issue 634429 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Aug 2016
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: Account Verification Vulnerability

Reported by ramchand...@gmail.com, Aug 4 2016 
VULNERABILITY DETAILS
During the process of logging in to my gmail account I was asked to complete a verification step in order to verify my identity. The step requires the user to confirm the recovery email provided in their security settings. The majority of the email is blocked out with the first three letters being visible.

The security vulnerability is as follows. When the user selects the text box to input the recovery email, auto-fill options are permitted on the page. Inputting the first three letters of the email address presented will trigger the auto-fill options. This vulnerability allows an individual to circumvent the verification step on an account or device that may have been compromised.

VERSION
Chrome Version: Version 51.0.2704.103 m stable
Operating System: Windows 10

REPRODUCTION CASE
Reproduced in attached jpeg

Comment 1 by raymes@chromium.org, Aug 5 2016

Status: WontFix (was: Unconfirmed)
Hi there, thanks for the report. This is working as intended. Those autofill options will only appear when you are logged into Chrome as yourself. If an attacker has managed to compromise one of your devices that is logged in then there are many things they can do that are hard to protect against. Please also see https://www.chromium.org/Home/chromium-security/security-faq#TOC-Why-aren-t-physically-local-attacks-in-Chrome-s-threat-model-

If you have concerns about the verification process in gmail, you may want to discuss them on the gmail product forum: https://productforums.google.com/forum/#!forum/gmail

Thanks!

Comment 2 by ramchand...@gmail.com, Aug 5 2016 

Excellent! I'm glad that it's working as intended. Thank you for taking the time to reply.
Project Member

Comment 3 by sheriffbot@chromium.org, Nov 11 2016

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment