Intrusion Prevention

Apple.iPhone.And.iPod.Touch.Mobile.Safari.Alert.DoS

Description

This indicates an attack attempt to exploit a Denial of Service vulnerability in Apple iPhone Safari and iPod Touch Mobile Safari.
This issue is caused by an error in the vulnerable software when handling Javascript code with a misused "alert" function. It may allow remote attackers to execute arbitrary code by sending a crafted web page.

Affected Products

Apple iPod Touch 2.2.1
Apple iPod Touch 2.0.2
Apple iPod Touch 2.0.1
Apple iPod Touch 1.1.4
Apple iPod Touch 1.1.3
Apple iPod Touch 1.1.2
Apple iPod Touch 1.1.1
Apple iPod Touch 3.0
Apple iPod Touch 2.2
Apple iPod Touch 2.1
Apple iPod Touch 2.0
Apple iPod Touch 1.1
Apple iPhone 3.0.1
Apple iPhone 2.2.1
Apple iPhone 2.0.2
Apple iPhone 2.0.1
Apple iPhone 1.1.4
Apple iPhone 1.1.3
Apple iPhone 1.1.2
Apple iPhone 1.1.1
Apple iPhone 1.0.2
Apple iPhone 1.0.1
Apple iPhone 3.0
Apple iPhone 2.2
Apple iPhone 2.1
Apple iPhone 2.0
Apple iPhone 1.1
Apple iPhone 1
Apple iPhone 0

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.