Radware said that the phone is vulnerable to DoS attacks owing to a design flaw that may be triggered by a series of memory allocation operations on the dynamic memory pool, which in turn triggers a bug in the garbage collector.
"While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern," said Itzik Kotler, security operation centre manager at Radware.
"Hackers continue to misappropriate other people's software and their job is made easier by design flaws embedded into software products."
To exploit the vulnerability, an iPhone user must open an HTML page which contains JavaScript that manifests this vulnerability.
Once at the site, an application-level DoS attack crashes the Safari browser and could go as far as crashing the iPhone completely.
Users could be lured to sites containing this attack via links in spam messages or other social engineering techniques.
Radware said that the vulnerability is a proof of concept, and looks like little more than a nuisance at this stage.
However, the firm believes that there is a possibility that a more sophisticated hacker could use vulnerabilities like this to shut services down or install malware.
iPhone vulnerable to DoS attack
Got a news tip for our journalists? Share it with us anonymously here.
Add techpartner.news as your trusted source
Partner Content
Promoted Content
Have ticket queues become your quiet business risk?
Fabric workshops help partners tap into data services demand growth.
Think Technology Australia deliver massive ROI to a Toyota dealership through SharePoint-powered, automated document management
AI PCs shift from hype to revenue opportunity for partners
_(30).jpg&h=142&w=230&c=1&s=1)
Promoted Content
Why Australia’s Industrial Leaders Are Turning to Dynamic Aspect for Dynamics 365 Business Central
.jpg&w=100&c=1&s=0){kind=logo}
