/>
X
Tech
Home Tech Smartphones iPhone

Remote execution DoS exploits iPhone by simply loading a Web page

A new iPhone Safari remote execution DoS exploit will crash your iPhone by simply visiting a malicious page. David from iPhoneWorld claims that the exploit will crash iPhone's Safari browser and the desktop version of Safari as well.
Written by Jason D. O'Grady, Contributor on
Remote execution DoS exploits iPhone by simply loading a Web page
A new iPhone Safari remote execution DoS exploit will crash your iPhone by simply visiting a malicious page. David from iPhoneWorld claims that the exploit will crash iPhone's Safari browser and the desktop version of Safari as well.

The exploit is not new, it was refined from previously discovered code. The scary new development is that it doesn't require user intervention, i.e. clicking on a button, just loading a Web page containing the malicious code will lock up your iPhone.

The vulnerability is confirmed to crash iPhone firmware 1.1.4 but we're sure about older firmware versions. When I clicked on the link on my 1.1.4, non-jailbroken iPhone it opened a new browser window and the "loading" indicator in the top menu bar spun about three times and my iPhone locked up tighter than a drum. The spinner stopped spinning and my iPhone became completely unresponsive, forcing a reboot.

I also tested the code with Webkit v.3.0.4 and Safari 3 public beta and it crashed both with flying colors.

The exploit cannot be fixed until Apple updates the iPhone and iPod touch firmware. If you're worried about it you can disable JavaScript on your device.

The Safari exploit source code is and a link to a test page is posted on iPhoneWorld. You have been warned!

Editorial standards
Show Comments

Related

chat bot

What is ChatGPT and why does it matter? Here's what you need to know

A robot texting on a smartphone in space

How to use ChatGPT: What you need to know

ChatGPT and Excel

How to use ChatGPT to write Excel formulas