Unlike some jailbreaking apps, JailbreakMe.com does not require a third-party app. All you have to do is visit the JailbreakMe.com on your iPhone and follow the onscreen instructions. When it’s done, your phone will be jailbroken.
Yikes. It’s odd how the press is mostly covering this as “jailbreaking now more convenient” rather than “remote code exploit now in the wild”.
Here’s an analysis by Ching-Lan Huang suggesting that it’s using a PDF heap overflow to execute code. But Huang is wrong — Apple has its own PDF rendering engine; it doesn’t use Adobe’s, and the heap overflow bug Huang points to is in the Acrobat PDF renderer. Charlie Miller says it’s exploiting a PDF font bug in Apple’s renderer:
Starting to get a handle on jailbreakme.com exploit. Very beautiful work. Scary how it totally defeats Apple’s security
★ Monday, 2 August 2010