Printed from http://www.electronista.com

DoS attack on iPhone causes memory leak, freeze

updated 01:25 pm EST, Sat January 26, 2008

New iPhone vulnerability

iPhone owners should be on guard against a new threat, which fortunately doesn't harm the device, but still induces a freeze by taking all available system memory. According to security firm SecurityFocus, the vulnerability is exposed by a Denial of Service attack, when a maliciously crafted webpage is viewed. The page will insert code into the iPhone, which continually eats up available system memory before causing a kernel panic.

While not the first attack on the iPhone, SecurityFocus believes it could be harmful to the device's wellbeing by potentially executing remote code.

The DoS exploit has been verified to work on the 1.1.2 iPhone firmware; Apple has not commented on the issue



By Electronista Staff
toggle

Comments

  1. imagine engine

    Fresh-Faced Recruit

    Joined: Aug 2007

    0

    iPhone security

    Does this affect users running iPhone firmware 1.1.3?

  1. ViktorCode

    Fresh-Faced Recruit

    Joined: Jan 2006

    0

    old bug?

    Visiting linked page gave me idea of some old Safari flow rediscovered on iPhone. If you look on the list of vulnerable systems beside iPhone 1.1.2 you will find Mac OS X 10.4.2 and earlier version of Tiger. Firmware 1.1.3 is not listed.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Thecus N2310 NAS

For every computer user, there comes a point of critical mass in data storage. When it hits, external hard drives, USB sticks and DVD ...

iRig Pads

When it comes to mobile music products, IK Multimedia has positioned itself as one of the top suppliers. Right from the early days of ...

DoxieGo Portable Scanner

Sometimes, people need to scan things, but having a computer at hand to do so isn't exactly feasible. Maybe it's the home of a relativ ...

Sponsor

toggle

Most Commented

 
toggle

Popular News