The iPhone uses a stripped-down version of Apple's Web browser for Mac OS X, Safari, but despite being adapted to work with their mobile phone, it seems a vulnerability frequently encountered in desktop software slipped through. Well, for now it's only a report, but since we're talking about the SecurityFocus research firm, I guess this "rumor" is probably reality, and the iPhone may be vulnerable to DoS attacks!
Basically, a denial-of-service(DoS) attack is an attempt to deny the proper use of a certain resource, making it unavailable to its regular users. Most of the time, we're talking about web sites and even entire servers that, once the DoS attack is successfull, become unavailable for a certain period of time. Anyway, it usually takes at least 80 computers connected to the Internet to get a DoS attack succeed, so you shouldn't be afraid that your evil geek neighbour next door may do this to your site...
According to SecurityFocus, "Attackers can exploit this issue by enticing an unsuspecting user to view a maliciously crafted webpage. Successful attacks cause a kernel panic, crashing the device. Given the nature of this issue, remote code execution may also be possible, but this has not been confirmed."
At this time, they claim the iPhone 1.1.2 to be affected by this security hole in Safari, but, as usual, "other versions may also be vulnerable". Well, let's hope Apple comes with a patch soon enough...
