
"While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern," said Itzik Kotler, security operation centre manager at Radware.
"Hackers continue to misappropriate other people's software and their job is made easier by design flaws embedded into software products."
To exploit the vulnerability, an iPhone user must open an HTML page which contains JavaScript that manifests this vulnerability.
Once at the site, an application-level DoS attack crashes the Safari browser and could go as far as crashing the iPhone completely.
Users could be lured to sites containing this attack via links in spam messages or other social engineering techniques.
It is unclear whether the fault can cause any permanent damage to the phone or is simply a nuisance.