Radware said that the phone is vulnerable to DoS attacks owing to a design flaw that may be triggered by a series of memory allocation operations on the dynamic memory pool, which in turn triggers a bug in the garbage collector.
"While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern," said Itzik Kotler, security operation centre manager at Radware.
"Hackers continue to misappropriate other people's software and their job is made easier by design flaws embedded into software products."
Once at the site, an application-level DoS attack crashes the Safari browser and could go as far as crashing the iPhone completely.
Users could be lured to sites containing this attack via links in spam messages or other social engineering techniques.
It is unclear whether the fault can cause any permanent damage to the phone or is simply a nuisance.
iPhone vulnerable to DoS attack
By Ian Williams on Apr 17, 2008 7:20AM