Thursday, February 7, 2008

Apple iPhone Mobile Safari Memory Exhaustion Remote Denial of Service Vulnerability

Apple iPhone is prone to a remote denial-of-service vulnerability.Attackers can exploit this issue by enticing an unsuspecting user to view a maliciously crafted webpage. Successful attacks cause a kernel panic, crashing the device. Given the nature of this issue, remote code execution may also be possible, but this has not been confirmed.iPhone 1.1.2 and 1.1.3 are affected; other versions may also be vulnerable. Attackers can exploit this issue by enticing unsuspecting users to view maliciously crafted web pages: /data/vulnerabilities/exploits/27442.html .Currently there's no awareness of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail them at: vuldb @

No comments: