An Interest In:
Web News this Week
- April 15, 2024
- April 14, 2024
- April 13, 2024
- April 12, 2024
- April 11, 2024
- April 10, 2024
- April 9, 2024
Some of Our Sources
View All SourcesHelp Webnuz
Referal links:
November 10, 2016 02:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/mw4J7d3yh6c/ios-webview-bug-can-force-iphones-to-make-calls-while-ui-freezes
iOS WebView Bug Can Force iPhones To Make Calls While UI Freezes
An anonymous reader writes: "A bug in the iOS WebView component allows an attacker to force someone's iPhone to dial any number, while also locking the user's interface for a few moments, preventing him to cancel the outgoing call," reports BleepingComputer. "The bug was at the heart of the recent accidental DDoS of 911 call centers across the U.S." At the heart of the issue is a Safari bug reported in 2008, which was fixed in iOS 3.0. The same bug also exists in the WebView component used by app makers to show web pages inside other apps. The researcher that found the bug writes in a blog post: "If you think automatically dialing a phone number after clicking a link in an app is not a big issue think again. DoSing 911 is pretty terrible but there are other examples such as expensive 900 numbers where the attacker can actually make money. A stalker can make his victim dial his phone number so he gets his victim's number. Altogether things you don't want to happen. [...] Apple should change the default behavior of WebViews to exclude execution of TEL URIs and make it an explicit feature to avoid this kind of issues in the future."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/mw4J7d3yh6c/ios-webview-bug-can-force-iphones-to-make-calls-while-ui-freezes
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot