New Denial-of-Service Exploit Found In Mobile Safari

Radware's Security Operations Center is claiming to have discovered a new Denial-of-Service vulnerability in the iPhone's Mobile Safari web browser in the 1.1.4 firmware. The exploit would require that a user click on a link to a web page containing JavaScript that triggers the vulnerability, causing Safari to crash.

Apple iPhone Safari browser is vulnerable to DoS attacks due to a design flaw that may be triggered by a series of memory allocation operations on the dynamic memory pool, which in turn triggers a bug in the garbage collector. The security hole is currently unpatched, leaving iPhone owners vulnerable to potential attacks until Apple issues a security update.

Apple has yet to comment.