iPhone vulnerable to DoS attack

By
Follow google news

A security firm claims to have uncovered a denial-of-service vulnerability in version 1.1.4 of Apple's Safari web browser for the iPhone.


iPhone vulnerable to DoS attack
Radware said that the phone is vulnerable to DoS attacks owing to a design flaw that may be triggered by a series of memory allocation operations on the dynamic memory pool, which in turn triggers a bug in the garbage collector.

"While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern," said Itzik Kotler, security operation centre manager at Radware.

"Hackers continue to misappropriate other people's software and their job is made easier by design flaws embedded into software products."

To exploit the vulnerability, an iPhone user must open an HTML page which contains JavaScript that manifests this vulnerability.

Once at the site, an application-level DoS attack crashes the Safari browser and could go as far as crashing the iPhone completely.

Users could be lured to sites containing this attack via links in spam messages or other social engineering techniques.

It is unclear whether the fault can cause any permanent damage to the phone or is simply a nuisance.

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
attackdosiphonesecurity

Sponsored Whitepapers

The future of resilience: AI-Driven dynamic storage
The future of resilience: AI-Driven dynamic storage
Stop Hiring Like It’s 2025: AI-Augmented Cybersecurity Performance Data Every CISO Needs
Stop Hiring Like It’s 2025: AI-Augmented Cybersecurity Performance Data Every CISO Needs
5 reasons to adopt a mobile first security strategy
5 reasons to adopt a mobile first security strategy
Uncomplicate IT Service Delivery with AI Agents
Uncomplicate IT Service Delivery with AI Agents
Getting ahead of the tech: what’s next for Australian organisations in digital transformation
Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Events

Most Read Articles

Dead cars tell tales by storing data that's never wiped

Dead cars tell tales by storing data that's never wiped
Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
AI-boosted hacks with Anthropic’s Mythos could have dire consequences for banks

AI-boosted hacks with Anthropic’s Mythos could have dire consequences for banks
Medibank reveals attack vector and cost of 2022 security breach

Medibank reveals attack vector and cost of 2022 security breach
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?