iPhone buffer exploit may lead to jailbreak

A newly discovered iPhone exploit could help developers find another way to run third-party applications on Apple's device. Posters to the Hackintosh forums have discovered that Mobile Safari on both the Touch and the iPhone suffer from a one year old TIFF buffer overflow exploit that could lead to a jailbreak for the devices. Essentially, opening a carefully crafted TIFF image will crash Mobile Safari, causing a buffer overflow and allow for arbitrary code execution. A poster to the forums writes "This same exploit was used more than 1.5 years ago to crack the PSP firmware." This could theoretically lead to a new "jailbreak" process that would again allow third-party applications to be written to iPhones running the most recent firmware 1.1.1 release that disabled the functionality for all those who updated.

Hackers previously streamlined the processes of both installing third-party programs to the iPhone and command-line access to its inner workings using firmware revisions up to 1.0.2. The Installer.app utility completely automates the process of derestricting (or jailbreaking) the iPhone's file system and uploading a software package manager to the Apple device. Once installed, the Mac OS X app allows the iPhone to download and install Books or any of the other unofficial third-party programs already written for the device simply by using either local Wi-Fi or an EDGE connection.