I don't have any more information than you do. A few points:
- Use Google to query the string "iphone buffer overflow".
- Maybe you don't understand what is happening in the video that was posted... they load a web-page that simultaneously crashes Safari and runs their code. Seems what's going on is pretty clear to me.
- Another clue: the report says the vulnerability also exists in OS X Safari and Windows Safari. If this doesn't mean anything to you - you don't get it.
- The full vulnerability will be revealed at Black Hat. By then Apple can patch Safari. That's why you can't see it now -- not because it doesn't exist.
Denial doesn't make systems any more secure. This could have happened on any other device just as easily. There is no need to get excited or defensive about it.
My issue with using Google to find details on this is that Google reflects public perception more than it reflects reality. The media was reporting it as a buffer overflow. The people who documented and claimed the vulnerability did not call it that. Nowhere in their actual materials did they call it any kind of overflow.
As for the video, you do realize how easy it is to rig demos like that, right? After the airport fiasco, my standard for disclosure is a lot higher. These people didn't even come close to giving the community enough information to verify the issue independently. Thus, I discounted the issue as marketing for the time being and decided to wait until they revealed what was actually going on at Blackhat tomorrow. I was mostly wanting to shoot down some of the stranger things I was seeing in this thread.
Yes, the report says that, but it doesn't necessarily mean anything. At this point, when a vulnerability in something that has been getting a lot of media attention is reported but not disclosed, it looks very much like a hoax. Again, the airport "vulnerability" springs immediately to mind.
Anyway, it would seem that I was wrong and this apparently can lead to ACE:
Apple's security team on their mailing list said:

Safari
CVE-ID: CVE-2007-3944
Available for: iPhone v1.0
Impact: Viewing a maliciously crafted web page may lead to arbitrary code execution
Description: Heap buffer overflows exist in the Perl Compatible Regular Expressions (PCRE) library used by the JavaScript engine in Safari. By enticing a user to visit a maliciously crafted web page, an attacker may trigger the issues, which may lead to arbitrary code execution. This update addresses the issues by performing additional validation of JavaScript regular expressions. Credit to Charlie Miller and Jake Honoroff of Independent Security Evaluators for reporting these issues.
It's still not a 'remote code execution' flaw as is being widely reported, and I'm still wondering how they verified arbitrary code execution when the researchers couldn't possibly have had a working toolchain to compile that code when they discovered the issue.
I suppose we'll find out more tomorrow.
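For readers wondering what "heap buffer overflows ... addressed by performing additional validation of JavaScript regular expressions" means in practice, the following is an added illustration of that bug class, not Apple's or PCRE's code and not the actual CVE-2007-3944 defect, whose details the advisory does not give. It assumes a toy pattern language (literal ASCII bytes plus the escapes \d, \w, \s, each compiled to a 3-byte CLASS opcode) and a two-pass compiler whose sizing pass counts every escape as one byte, so a pattern like a\db is allocated 4 bytes but needs 6. The hardened compiler sizes the buffer from a dry run of the real emitter and writes through a bounds-checked helper.

```c
/* Constructed example: a regex "compiler" whose size estimate and emit
 * pass disagree, beside a version that validates the pattern's real size.
 * Not PCRE's code; the pattern language and opcodes are invented here. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { OP_CLASS = 0x80, OP_END = 0x81 };   /* literals are plain ASCII bytes */

/* Vulnerable sizing pass: one byte per token. Wrong for \d, \w, \s, which
 * the emitter expands to three bytes, so the malloc below is too small. */
size_t estimate_size(const char *pat) {
    size_t n = 0;
    for (const char *p = pat; *p; p++) {
        if (*p == '\\' && p[1] != '\0') p++;   /* escape counted as one token */
        n++;
    }
    return n + 1;                              /* OP_END */
}

/* Bounds-checked writer. out == NULL means "count only" (dry run). */
static int put(unsigned char *out, size_t cap, size_t *n, unsigned char b, int checked) {
    if (checked && *n >= cap) return 0;        /* refuse to write past cap */
    if (out != NULL) out[*n] = b;
    (*n)++;
    return 1;
}

/* Emit pass. Returns bytes produced, or (size_t)-1 if a checked write
 * would exceed cap. With checked == 0 and a short buffer it overflows. */
size_t emit(const char *pat, unsigned char *out, size_t cap, int checked) {
    size_t n = 0;
    for (const char *p = pat; *p; p++) {
        unsigned char lo, hi;
        if (*p == '\\' && p[1] != '\0') {
            p++;
            switch (*p) {
            case 'd': lo = '0'; hi = '9'; break;
            case 'w': lo = 'a'; hi = 'z'; break;   /* simplified class */
            case 's': lo = ' '; hi = ' '; break;
            default:                               /* escaped literal: 1 byte */
                if (!put(out, cap, &n, (unsigned char)*p, checked)) return (size_t)-1;
                continue;
            }
            if (!put(out, cap, &n, OP_CLASS, checked) ||   /* 3 bytes: op, lo, hi */
                !put(out, cap, &n, lo, checked) ||
                !put(out, cap, &n, hi, checked))
                return (size_t)-1;
        } else {
            if (!put(out, cap, &n, (unsigned char)*p, checked)) return (size_t)-1;
        }
    }
    if (!put(out, cap, &n, OP_END, checked)) return (size_t)-1;
    return n;
}

size_t exact_size(const char *pat) { return emit(pat, NULL, 0, 0); }

/* 1 if the naive estimate is smaller than what emit really writes. */
int undercounts(const char *pat) { return estimate_size(pat) < exact_size(pat); }

/* Vulnerable: allocates from the estimate and emits unchecked.
 * For "a\\db" this writes 6 bytes into a 4-byte heap block. */
unsigned char *compile_vulnerable(const char *pat) {
    size_t cap = estimate_size(pat);
    unsigned char *prog = malloc(cap);
    if (prog == NULL) return NULL;
    emit(pat, prog, cap, 0);                   /* heap overflow when cap is short */
    return prog;
}

/* Hardened: validate the pattern with a dry run, allocate the exact size,
 * and emit through the bounds-checked writer. Returns NULL on any mismatch. */
unsigned char *compile_fixed(const char *pat, size_t *len) {
    size_t need = exact_size(pat);
    if (need == (size_t)-1) return NULL;
    unsigned char *prog = malloc(need);
    if (prog == NULL) return NULL;
    if (emit(pat, prog, need, 1) != need) { free(prog); return NULL; }
    *len = need;
    return prog;
}

/* Test helper: 1 if compile_fixed produces exactly the expected bytes. */
int fixed_prog_matches(const char *pat, const unsigned char *expect, size_t len) {
    size_t got = 0;
    unsigned char *prog = compile_fixed(pat, &got);
    int ok = prog != NULL && got == len && memcmp(prog, expect, len) == 0;
    free(prog);
    return ok;
}

int main(void) {
    const char *pat = "a\\db";              /* the regex a\db */
    printf("estimate=%zu exact=%zu undercounts=%d\n",
           estimate_size(pat), exact_size(pat), undercounts(pat));
#ifdef DEMO_OVERFLOW
    free(compile_vulnerable(pat));         /* build with -fsanitize=address to see it */
#endif
    size_t len = 0;
    unsigned char *prog = compile_fixed(pat, &len);
    printf("fixed compiler produced %zu bytes\n", len);
    free(prog);
    return 0;
}
```

The fix mirrors the advisory's wording: the pattern is validated against what the emitter will actually produce before any heap write happens, and the writer itself refuses to exceed the allocation, so a sizing bug becomes a compile failure instead of a heap corruption.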