I thought this part was interesting:
"..this particular vulnerability appears to be the first successful workaround for both ASLR and Data Execution Prevention (DEP), a security feature preventing applications from executing code from a non-executable memory region."

I also think it's ironic that the jailbreak community, which Apple is against, has a patch out for the problem while Apple hasn't released a fix yet.


Apple Pledges To Fix Critical iOS 'Jailbreaking' Flaw...
Specifically, the vulnerabilities affect PDF files transmitted or viewed on several versions of Apple’s iOS -- Apple’s mobile operating system that powers iPhone, iPad and iPod Touch -- according to researchers at the German Federal Office for Information Security, also known as BSI.

The flaws occur in iPhone 3G and iPhone 4, as well as iPad and iPod Touch, running iOS 4.3.3 and higher, BSI researchers said in a (German) advisory.
...
However, Apple declined to specify exactly when the fix would be released.

One security issue occurs in the way the iOS parses fonts in the mobile version of Apple’s Safari browser, while another allows hackers to bypass Apple’s ASLR (address space layout randomization), a security feature that involves random position arrangement of key data areas that make it more challenging for hackers to predict target addresses and launch attacks.
...
In an attack scenario, cyber criminals could exploit the security flaws by creating a malicious PDF distributed via a link embedded over e-mail or a social networking site. Apple's browser Safari would open the infected PDF file once users clicked on the link, subsequently downloading malware onto their device. Attackers could then use the installed malware to access users' personal or financial data stored on their iPhones or iPads, including online banking information, credit card numbers, text messages, calendars, e-mails and passwords. They could also exploit the flaw to intercept users’ phone conversations and locate and track users via the iPhone’s GPS capabilities.

“And then the attacker could do anything from setting the iPhone’s wallpaper to a picture of Rick Astley, to opening a remote connection and stealing log files from the phone,” said Sean Sullivan, security advisor at Finnish security firm F-Secure.
...