It seems that JailbreakMe may use a vulnerability found in PDFs to jailbreak iPhones via the device's internet browser. Initial reports pointed at a Safari exploit. After all, the jailbreak is accessed without a computer by simply directing your Mobile Safari browser to the website.
PC World's Mike Keller breaks it down. Though back in 2007, JailBreakMe.com did surface with the ability to exploit a security hole in Mobile Safari, Apple quickly released a fix. Now the site has a new solution, which doesn't use a browser exploit. It uses what Keller says is "a component for displaying PDF files." Because Safari can read PDFs, the jailbreak uses that component to load the file containing to code.
[via PC World]