Home » News » Vulnerabilities » iPhone OS is not bulletproof

iPhone OS is not bulletproof

By Gina on August 6, 2010 | Vulnerabilities, mobile security, iPhone, flaw, vulnerability, Apple, patch, jailbreak iPhone OS is not bulletproof

Developer known as “Comex” released a new jailbreak for Apple’s iPhone 4 earlier this week. By visiting an appropriate web page users are able to gain an access to the iPhone's file system, which is normally restricted, in an easier way. According to TrendLabs , in addition to the iPhone 4, older Apple products running iOS can also be jailbroken this way.

The jailbreak makes an effort to use vulnerabilities in two different ways. The first flaw lies in how the Safari browser handles .PDF files. .PDF files can carry out a tricky font which can be the cause of arbitrary code execution. This vulnerability is a similar one which was patched in March . The second flaw is used to seek to have an access to the device but this is not publicly available.

These ways to use vulnerabilities can be elevated to make an access for malware to enter the device. In general, there is known few cases when the iPhone was infected but the hopes are high that there will be no more infections. Meanwhile, Apple does not give any information or any news about a patch for this flaw.

More Vulnerabilities news

Denial-of-service flaw is fixed by Oracle

Denial-of-service flaw is fixed by Oracle

Recently, Oracle released a patch which fixed denial-of-service vulnerability in the Oracle WebLogic Server, Application Server and iPlanet Web Server. In a security bulletin Oracle warned that "vulnerability may be remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password." Oracle pointed out that a fix for the same vulnerability in the GlassFish Server was released last month. Read more.


News categories

Latest news

Related news