TMCnet News

Radware Discovers Denial-of-Service Vulnerability in Apple's iPhone Safari Internet Browser
[April 15, 2008]

MAHWAH, New Jersey, April 15 /PRNewswire-FirstCall/ -- Radware, the leading provider of integrated application delivery solutions for business-smart networking, today announced that the vulnerability research team of its Security Operations Center discovered a denial-of-service (DoS) vulnerability in the Safari browser of Apple's iPhone version 1.1.4. Immediate protection is available as part of Radware's Security Update Service (SUS), safeguarding customer infrastructures in advance of public disclosure of the flaw.



To exploit the vulnerability, an iPhone user must open an HTML page containing JavaScript that triggers it, which can be achieved through social engineering (e.g. spam mail, spam SMS). The user will experience an application-level DoS that crashes the Safari browser and could go as far as crashing the entire iPhone.

"While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern," says Itzik Kotler, Security Operation Center Manager, Radware. "Hackers continue to misappropriate other people's software and their job is made easier by design flaws embedded into software products."


The Apple iPhone Safari browser is vulnerable to DoS attacks due to a design flaw that may be triggered by a series of memory allocation operations on the dynamic memory pool, which in turn triggers a bug in the garbage collector. The security hole is currently unpatched, leaving iPhone owners vulnerable to potential attacks until Apple issues a security update.

About Radware
Radware, the global leader in integrated application delivery solutions, assures the full availability, maximum performance, and complete security of business-critical applications for more than 5,000 enterprises and carriers worldwide. With APSolute(TM), Radware's comprehensive and award-winning suite of intelligent front-end, access, and security products, companies in every industry can drive business productivity, improve profitability, and reduce IT operating and infrastructure costs by making their networks "business smart." For more information, please visit http://www.radware.com/.

This press release may contain forward-looking statements that are subject to risks and uncertainties. Factors that could cause actual results to differ materially from these forward-looking statements include, but are not limited to, general business conditions in the Application Switching or Network Security industry, changes in demand for Application Switching or Network Security products, the timing and amount or cancellation of orders and other risks detailed from time to time in Radware's filings with the Securities and Exchange Commission, including Radware's Form 20-F.

Media Relations:
Joyce Anne Shulman
+1-201-785-3209
[email protected]

Radware Ltd
