CVE Vulnerabilities

CVE-2015-1157

Published: May 28, 2015 | Modified: Nov 28, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message.

Affected Software

Name Vendor Start Version End Version
Iphone_os Apple 8.0 (including) 8.0 (including)
Iphone_os Apple 8.0.1 (including) 8.0.1 (including)
Iphone_os Apple 8.0.2 (including) 8.0.2 (including)
Iphone_os Apple 8.1 (including) 8.1 (including)
Iphone_os Apple 8.1.2 (including) 8.1.2 (including)
Iphone_os Apple 8.1.3 (including) 8.1.3 (including)
Iphone_os Apple 8.2 (including) 8.2 (including)
Iphone_os Apple 8.3 (including) 8.3 (including)

References