CVE-2008-0729

Vulnerability

Mobile Safari on Apple iPhone versions 1.1.2 and 1.1.3 is vulnerable to a denial-of-service condition caused by memory exhaustion. The vulnerability is triggered by JavaScript code that constructs a very long string and an array containing multiple long string elements. This issue is possibly related to CVE-2006-3677. The proof-of-concept exploit [1] demonstrates the attack by creating a large string (fill) and an array of 36 elements, each built from repeated concatenations of that string and a shellcode placeholder.

Exploitation

An attacker hosts a malicious web page containing the JavaScript exploit. The victim must visit the page and click the button labeled "Go!" to execute the Demo() function [1]. The script allocates large strings in a loop, rapidly consuming available memory until the device crashes. No authentication or special network position is required beyond serving the page.

Impact

Successful exploitation causes the iPhone to crash due to memory exhaustion, resulting in a denial of service. The device becomes unresponsive and may require a forced restart. No code execution or data compromise is described in the available references.

Mitigation

No official fix is documented in the provided reference [1]. Users should upgrade to a newer iOS version beyond 1.1.3, as later releases likely addressed this issue. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.