The hacker, who calls himself "pod2g" and is best known for jailbreaking iPhones, said Friday that the vulnerability could let an attacker send a message pretending to be from a bank, credit card company or other trusted source.

Because the flaw does not involve code execution, an attacker does not need to get malware pass Apple, which approves all mobile apps before they are sold on the App Store, the only legitimate site for downloading software for Apple mobile devices.

Pod2g, a self-professed iPhone security researcher, said the flaw is "severe" and affects all current versions of iOS and iOS 6 beta 4. IOS is the iPhone and iPad operating system.

"I am pretty confident that other security researchers already know about this hole, and I fear some pirates as well," he said .Ã'Â

Ã'Â Apple did not respond to a request for comment.