New research has concluded that the Safari browser of the iPhone 1.1.4 is vulnerable to attacks, which may lead to service denial and in turn, result in a system crash.
This design flaw was detected by the researchers at Radware, an application delivery solutions company, earlier this week. The researches say the flaw triggers a series of “memory allocation operations on its memory pool”, which then triggers another different bug within its garbage collector.
To exploit Safari’s vulnerability, an iPhone user would have to open any malicious HTML pages that contain Javascript, usually as a social engineering tactic like e-mail phishing. The Radware researchers say that in a worst-case scenario, the users would experience a denial of service attack, which could result in crash of the entire Safari browser. Once the browser crashes, its malfunction could escalate to a point of paralyzing the entire iPhone.
Researchers say that each time your iPhone crashes, the device creates a log
“While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern,” said Itzik Kitler, Radware security operation center manager, in a written statement. “Hackers continue to misappropriate other people’s software and their job is made easier by design flaws embedded into software products.”
Although this vulnerability is present, experts say it would likely change as the iPhone becomes more widely used and marketshares increase.
“Though it looks like a nuisance, the fact is that a more sophisticated hacker could use iPhone vulnerabilities to shut services down or install malware,” said Ron Meyran, product marketing manager for Radware, via e-mail from Israel. “iPhone is about user mobility, which in turn exposes users to attacks and bypasses the security perimeter deployed by enterprises.”
Related Posts
Pandora's app was one of the iPhone's best of 2008 for music, Even over EDGE, it's a great way to get some music you've never heard on the iPhone
Cisco's popular meeting and collaboration tool WebEx has found a new home on the iPhone
iWizz.co.uk is a fresh UK-based retailer of iPod and iPhone accessories with a difference
If you missed the premier issue you can now get a free copy in digital format that you can read on a Mac, PC, iPhone or iPod Touch
Where To Golf for the iPhone and iPod touch gives golfers all the information about a golf course and how to get there
Eye-Fi have announced they’re developing an iPhone application, to be released in the near future
Best Buy announced on Tuesday that it has started selling refurbished iPhone 3Gs at a slightly discounted price
Proton Studio announced the released of InvinciBall for the iPhone, a cool-looking action game where you can play against other players capturing zones and rolling them out of an arena
Free online sharing service Soonr has launched an iPhone/desktop app combo that gives you 500MB of space to keep your Windows or Mac documents synced to your device
Want to use yellowsn0w to unlock your iPhone, but aren't sure if it will work in your particular region or country?
Wetool is an iPhone app that allows you to forward SMS, Send to Multiple Recipients, and Save your SMS to NotePad
These directions help you set up forwarding in Hotmail so that incoming messages are forwarded from Hotmail to a Gmail history
Step by step video guide on how to create your own m4r iPhone ringtones from your own MP3's
iPhone does not need any introduction. In case you are an iPhone user and want to have that exclusive and different wallpaper on your geeky device soon after it’s all for you
To get delivery confirmation reports sent to your iPhone simply add *0# to the beginning of your text message and once the SMS
IWFR.net has step by step instructions on creating custom iPhone ringtones
Most people already knew the Dev Team would come up with a new jailbreak method for firmware 2.2 fairly quickly.
Google's updated Mobile App which now includes a voice search option is now available for download in the App Store
Sim adapter that is claimed to fully unlock the 3G iPhone for use on any network including the use of 3G Data
First of all if you would be purchasing the latest 3G iPhone, you must (meaning you have no other choice) sign a contract with the AT&T at their store