CVE-2015-1157

CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.reddit.com/r/explainlikeimfive/comments/37edde/eli5_how_that_text_you_can_send_to_friends_turns/	Exploit
http://9to5mac.com/2015/05/27/how-to-fix-ios-text-message-bug-crash-reboot/
http://www.reddit.com/r/apple/comments/37e8c1/malicious_text_message/	Exploit
https://ghostbin.com/paste/zws9m
http://www.ibtimes.co.uk/apple-ios-bug-sees-message-app-crash-iphone-reboot-simply-by-receiving-message-1503083
http://zanzebek.com/a-simple-text-message-can-ruin-any-iphone/	Exploit
http://www.reddit.com/r/apple/comments/37enow/about_the_latest_iphone_security_vulnerability/
http://www.securitytracker.com/id/1032408
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html	Patch Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html	Vendor Advisory
http://support.apple.com/kb/HT204941	Vendor Advisory
http://support.apple.com/kb/HT204942	Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html	Patch Vendor Advisory
https://support.apple.com/HT205221	Vendor Advisory
http://www.securityfocus.com/bid/75491

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:iphone_os:8.3:::::::*
	cpe:2.3:o:apple:iphone_os:8.0:::::::*
	cpe:2.3:o:apple:iphone_os:8.1.2:::::::*
	cpe:2.3:o:apple:iphone_os:8.1:::::::*
	cpe:2.3:o:apple:iphone_os:8.0.2:::::::*
	cpe:2.3:o:apple:iphone_os:8.0.1:::::::*
	cpe:2.3:o:apple:iphone_os:8.2:::::::*
	cpe:2.3:o:apple:iphone_os:8.1.3:::::::*

Configuration 2 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*

Information

Published : 2015-05-27 18:59

Updated : 2016-11-28 11:17

NVD link : CVE-2015-1157

Mitre link : CVE-2015-1157

JSON object : View

CWE

CWE-17

DEPRECATED: Code

Products Affected

apple

mac_os_x
itunes
iphone_os

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.reddit.com/r/explainlikeimfive/comments/37edde/eli5_how_that_text_you_can_send_to_friends_turns/", "name": "http://www.reddit.com/r/explainlikeimfive/comments/37edde/eli5_how_that_text_you_can_send_to_friends_turns/", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://9to5mac.com/2015/05/27/how-to-fix-ios-text-message-bug-crash-reboot/", "name": "http://9to5mac.com/2015/05/27/how-to-fix-ios-text-message-bug-crash-reboot/", "tags": [], "refsource": "MISC"}, {"url": "http://www.reddit.com/r/apple/comments/37e8c1/malicious_text_message/", "name": "http://www.reddit.com/r/apple/comments/37e8c1/malicious_text_message/", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "https://ghostbin.com/paste/zws9m", "name": "https://ghostbin.com/paste/zws9m", "tags": [], "refsource": "MISC"}, {"url": "http://www.ibtimes.co.uk/apple-ios-bug-sees-message-app-crash-iphone-reboot-simply-by-receiving-message-1503083", "name": "http://www.ibtimes.co.uk/apple-ios-bug-sees-message-app-crash-iphone-reboot-simply-by-receiving-message-1503083", "tags": [], "refsource": "MISC"}, {"url": "http://zanzebek.com/a-simple-text-message-can-ruin-any-iphone/", "name": "http://zanzebek.com/a-simple-text-message-can-ruin-any-iphone/", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://www.reddit.com/r/apple/comments/37enow/about_the_latest_iphone_security_vulnerability/", "name": "http://www.reddit.com/r/apple/comments/37enow/about_the_latest_iphone_security_vulnerability/", "tags": [], "refsource": "MISC"}, {"url": "http://www.securitytracker.com/id/1032408", "name": "1032408", "tags": [], "refsource": "SECTRACK"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", "name": "APPLE-SA-2015-06-30-2", "tags": ["Patch", "Vendor Advisory"], "refsource": "APPLE"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html", "name": "APPLE-SA-2015-06-30-1", "tags": ["Vendor Advisory"], "refsource": "APPLE"}, {"url": "http://support.apple.com/kb/HT204941", "name": "http://support.apple.com/kb/HT204941", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://support.apple.com/kb/HT204942", "name": "http://support.apple.com/kb/HT204942", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html", "name": "APPLE-SA-2015-09-16-3", "tags": ["Patch", "Vendor Advisory"], "refsource": "APPLE"}, {"url": "https://support.apple.com/HT205221", "name": "https://support.apple.com/HT205221", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/75491", "name": "75491", "tags": [], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-17"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-1157", "ASSIGNER": "product-security@apple.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-05-28T01:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "10.0.3"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "12.2"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-11-28T19:17Z"}

7.8 /10