Site Network: | | Jongsma & Jongsma

Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.

Username: | Password: Contact us to request an account

iPhone - Remote hacker automatic control

Version: 1.1.1 and prior.
Technical Details:

A buffer overflow when handling malicious TIFF images has been identified with Safari on the iPhone and the iPod Touch. Successful exploitation allows for arbitrary code execution and there are numerous exploit samples readily available from a number of sources. This code is currently being used to enable unlocking iPhone firmware 1.1.1, but may be used for malicious purposes in the future.


A new vulnerability has been identified with the iPhone and the iPod Touch product lines from Apple, Inc. The specific vulnerability is with the handling of malicious TIFF image files, allowing an attacker to run software of their choice on a victim's device, if the victim can be convinced to view or otherwise interact with the malicious image. At this stage, the vulnerability is being used to allow iPhone users to unlock their devices again, however there is the risk of malicious usage in the future.


At this stage the exploit is primarily being used as a means to provide iPhone owners with the means to unlock their devices, however there is still the risk of malicious usage.

Concerned users should avoid browsing untrusted websites using their iPhone or iPod Touch until Apple can release a patch.


Not Yet Available




Multiple sources

External Tracking Data:

Social bookmark this page