iPhone Open To DoS Attack

iPhone Open To DoS AttackIt’s the Apple of Steve Jobs’s eye, but the iPhone could be vulnerable to denial-of-service (DoS) attacks,according to security company Radware. The company has found a flaw in version 1.1.4 of the Safari browser used by the phone.   The flaw can be triggered bya series of memory allocation operations on the dynamic memory pool, which in turn triggers a bug in the garbage collector. However, the sequence to trigger it is quite convoluted. First, a user hasto visit a site that contains the JavaScript to exploit the vulnerability. It’s only at that point that the application-level DoS attack crashes the browser and could crash the phone itself.  At this point Radware doesn’t know whether the DoS attack would cause permanent damage to the phone.   Radware’s security center manager, Itzik Kotler, said,  "While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern. Hackers continue to misappropriate other people’s software andtheir job is made easier by design flaws embedded into software products."

Editors' Recommendations