iOS 4.1 security flaw allows calls to be made on passcode locked iPhone

The hole found in iOS 4.1 allows someone to make calls, gain access to the owner’s contact list, and send emails to anyone in said contact list via a passcode locked iPhone.
Using the combination of sleep button and a fake emergency call, it is possible to access the phone’s contact list and regular keypad even if the device is locked:

1. Make sure to have a passcode lock turned on and lock your device
2. In the lockscreen, tap on Emergency Call in the lower left corner
3. Type a non-existent emergency number (for example, #946494)
4. Start the call
5. When the red button appear hit the sleep button
6. Now you gain access to a contact list

We believe that this bug will be fixed in new iOS 4.2 beta, which is due to be released in November.