iPhone and BlackBerry browsers fall at Pwn2Own

One day after IE8 and Safari fell prey to eager hackers during Pwn2Own's first day this year, the iPhone 4 and the BlackBerry browser have been exploited as well. The former was pwned by veteran Pwn2Own winner Charlie Miller, who developed an exploit that enabled him to run arbitrary code on the iPhone after visiting a specially-formatted Web page. Once he was 'in' the iPhone, he was able to perform any action he wanted. The iPhone was running iOS 4.2.1, but the same vulnerability that allowed control over it is also present in iOS 4.3. However, the specific exploit that Miller used won't work on the latest version of Apple's mobile operating system.

Pwning the browser in the BlackBerry Torch 9800 proved a bit more difficult, but not because that particular piece of software was more secure. It just so happens that there's no debugger available for that version of the BlackBerry browser, so pwning it required combining two information leak bugs, an integer overflow bug, and a lot of trial and error work for the multinational team of researchers that decided to do this. Again, the only requirement for the exploit to work was that a specially-crafted website had to be visited. There is a newer firmware version for the Torch than that which was exploited, but the flaws are still there.

The Android-powered Google Nexus S and a Windows Phone 7 device were also supposed to be tested, but the researchers that had been chosen to do so did not show up.

Tags: Apple, BlackBerry, BlackBerry browser, BlackberryBrowser, browsers, compromised, developer, IOS, ios 4.2.1, Ios4.2.1, iphone, iphone 4, Iphone4, Pwn2Own, pwn2own2011, RIM, safari, security, vulnerability