A young Italian computer scientist has discovered another phishing opportunity on one of Google’s web sites. This bug affects the googlesyndication.com domain, which Google use to serve their text and image based adverts.
The discovery comes only days after a similar bug was found with the Google Desktop search tool. As Google spread their technology over a greater number of application areas, the possibility for error increases; which could explain the recent stream of discoveries as they fall victim to public scrutiny.
Salvatore Aranzulla’s web site contains information about his discovery of the bug (Italian). He also demonstrates some URLs that can be used to exploit the bug.