iPhone Mail and Safari Security Flaw [pcadvisor.co.uk]

The 3G iPhone's email application and Safari web browser are vulnerable to attack from phishers and spammers, a researcher has warned.
Browser vulnerability researcher Aviv Raff identified and reported to Apple three different bugs in the iPhone 3G that will allow phishers to dupe users into visiting malicious sites and ensure spammers can flood the phone's inbox with junk mail.

Apple has acknowledged that the two vulnerabilities in Mail are security issues, Raff said, but the company is currently undecided on whether the Safari flaw meets its security bug criteria. At times, Apple has balked at labelling problems as security vulnerabilities, notably in May when it initially said the so-called 'carpet bomb' bug was not security-related. A month later, Apple did patch Safari to stymie the kind of attacks that Raff, and other researchers, had outlined.