Apple iPhone SMS Application Remote Code Execution Vulnerability

The Apple iPhone SMS application is prone to a remote code-execution vulnerability.

An attacker may exploit the issue to execute arbitrary code on vulnerable devices. Failed attacks will result in denial-of-service conditions.

Very few details are available regarding this issue. We will update this BID as more information emerges.

UPDATE (July 30, 2009): This BID was originally titled "Apple iPhone SMS Application Denial of Service Vulnerability"; it has been updated to reflect newly released information.

Versions prior to iPhone OS 3.0.1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus