Edited to add: Due to a communication error between our labs, we incorrectly stated that the exploit PDF files, mentioned below, crash Adobe Reader. This is not the case. Our apologies for the error.
The iOS drive-by jailbreak available at jailbreakme.com (see yesterday's post) utilizes a PDF exploit. The PDF files, 20 of them, for various combinations of hardware/firmware, are located in a subdirectory off the root of the website.
"Starting to get a handle on jailbreakme.com exploit. Very beautiful work. Scary how it totally defeats Apple's security architecture."
In our testing, the PDF files crash both Adobe Reader and Foxit on Windows. We detect them as variants of Exploit:W32/Pidief. While these files are not being used maliciously, an exploit is an exploit, and we'll add detections for them.
Do note that by default, there's no separate PDF viewer on an iPhone. Instead, PDF viewing is built into the Safari browser. The attack uses a corrupted font placed inside the PDF file to crash the Compact Font Format (CFF) handler.
JailbreakMe exploits two vulnerabilities in iOS: the PDF support flaw allows for the execution of code, and another vulnerability in the kernel allows for an escalation of privileges to escape from the sandbox. VUPEN Security has a detailed vulnerability report.
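For triage, the embedded CFF font programs in a PDF can be listed and their headers sanity-checked. The sketch below is an added example, not our detection logic and not code from the original post; it does not identify the specific corruption used by JailbreakMe, which this post does not describe. The function names and the sample bytes are constructed for illustration.

```python
import re
import zlib

# One stream object: "N G obj << dict >> stream ... endstream" (never crossing endobj).
STREAM_OBJ = re.compile(
    rb"(\d+)\s+\d+\s+obj\s*<<((?:(?!endobj).)*?)>>\s*stream\r?\n(.*?)\r?\n?endstream", re.S)
CFF_SUBTYPES = {b"Type1C", b"CIDFontType0C"}  # /FontFile3 subtypes that carry bare CFF

def check_cff_header(cff):
    """Sanity-check the 4-byte CFF header: major, minor, hdrSize, offSize."""
    if len(cff) < 4:
        return ["shorter than a CFF header"]
    major, _minor, hdr_size, off_size = cff[:4]
    problems = []
    if major != 1:
        problems.append(f"unexpected major version {major}")
    if not 4 <= hdr_size <= len(cff):
        problems.append(f"bad hdrSize {hdr_size}")
    if not 1 <= off_size <= 4:
        problems.append(f"bad offSize {off_size}")
    return problems

def find_cff_fonts(pdf_bytes):
    """Return [(object number, [problems])] for every embedded CFF font stream."""
    findings = []
    for m in STREAM_OBJ.finditer(pdf_bytes):
        objnum, dictionary, data = int(m.group(1)), m.group(2), m.group(3)
        subtype = re.search(rb"/Subtype\s*/(\w+)", dictionary)
        if not subtype or subtype.group(1) not in CFF_SUBTYPES:
            continue  # not an embedded CFF font program
        filters = re.findall(rb"/(\w+Decode)\b", dictionary)
        try:
            if filters == [b"FlateDecode"]:
                data = zlib.decompressobj().decompress(data)
            elif filters:
                raise ValueError("filters not decoded: " + b",".join(filters).decode())
            findings.append((objnum, check_cff_header(data)))
        except (zlib.error, ValueError) as exc:
            findings.append((objnum, [f"cannot decode stream: {exc}"]))
    return findings

def _font_obj(num, cff):  # builds a constructed sample object, not from any real file
    body = zlib.compress(cff)
    return (b"%d 0 obj\n<< /Subtype /Type1C /Filter /FlateDecode /Length %d >>\nstream\n"
            % (num, len(body))) + body + b"\nendstream\nendobj\n"

SAMPLE_PDF = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog >>\nendobj\n"
              + _font_obj(2, bytes([1, 0, 4, 1]) + b"\x00\x00")  # plausible header
              + _font_obj(3, bytes([1, 0, 4, 9])))               # offSize outside 1..4
```

An empty problem list means only that the header is well-formed; it says nothing about the rest of the font program.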