SMS Vulnerability Found in iPhone.
In August of 2009, at the BlackHat Conference in Las Vegas, NV, Dr.
Charlie Miller presented an iPhone vulnerability that can allow a
hacker to seize control of the phone through SMS messages. The
vulnerability arises because the malicious message tells the iPhone to
expect a certain amount of data and then doesn't actually deliver that
much data. As a result, the memory of the device can be corrupted as
an array is indexed with the value -1, which is actually an error
condition returned from a previously called function. The victim's
phone can be compromised with complete control of the attacker (i.e.
the attacker could send SMS messages, dial the phone, read any file,
etc) or the attacker can simply knock the victim off the cellular
network for a few seconds. It takes about 500 messages for the
attacker to gain complete control of the device, all of which is
invisible to the victim. It only takes one message to knock a victim
off the network (which can be repeated as many times as the attacker
likes). Miller demonstrated this by knocking a volunteer in the
audience off the network during his talk. After a few hours, the
victim's phone was able to join the cellular network again.
