I can't believe people on the internet are telling lies.
The security researchers have also released a white paper. This sounds like a useful vector to allow native applications to run on the iPhone."When the iPhone's version of Safari opens the malicious web page, arbitrary code embedded in the exploit is run with administrative priviledges. In our proof of concept, this code reads the log of SMS messages, the address book, the call history, and the voicemail data. It then transmits all this information to the attacker. However, this code could be replaced with code that does anything that the iPhone can do.
Be careful when a loop exits to the same place from side and bottom.