CVE-2015-1157

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.reddit.com/r/explainlikeimfive/comments/37edde/eli5_how_that_text_you_can_send_to_friends_turns/", "name": "http://www.reddit.com/r/explainlikeimfive/comments/37edde/eli5_how_that_text_you_can_send_to_friends_turns/", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://9to5mac.com/2015/05/27/how-to-fix-ios-text-message-bug-crash-reboot/", "name": "http://9to5mac.com/2015/05/27/how-to-fix-ios-text-message-bug-crash-reboot/", "tags": [], "refsource": "MISC"}, {"url": "http://www.reddit.com/r/apple/comments/37e8c1/malicious_text_message/", "name": "http://www.reddit.com/r/apple/comments/37e8c1/malicious_text_message/", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "https://ghostbin.com/paste/zws9m", "name": "https://ghostbin.com/paste/zws9m", "tags": [], "refsource": "MISC"}, {"url": "http://www.ibtimes.co.uk/apple-ios-bug-sees-message-app-crash-iphone-reboot-simply-by-receiving-message-1503083", "name": "http://www.ibtimes.co.uk/apple-ios-bug-sees-message-app-crash-iphone-reboot-simply-by-receiving-message-1503083", "tags": [], "refsource": "MISC"}, {"url": "http://zanzebek.com/a-simple-text-message-can-ruin-any-iphone/", "name": "http://zanzebek.com/a-simple-text-message-can-ruin-any-iphone/", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://www.reddit.com/r/apple/comments/37enow/about_the_latest_iphone_security_vulnerability/", "name": "http://www.reddit.com/r/apple/comments/37enow/about_the_latest_iphone_security_vulnerability/", "tags": [], "refsource": "MISC"}, {"url": "http://www.securitytracker.com/id/1032408", "name": "1032408", "tags": [], "refsource": "SECTRACK"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", "name": "APPLE-SA-2015-06-30-2", "tags": ["Patch", "Vendor Advisory"], "refsource": "APPLE"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html", "name": "APPLE-SA-2015-06-30-1", "tags": ["Vendor Advisory"], "refsource": "APPLE"}, {"url": "http://support.apple.com/kb/HT204941", "name": "http://support.apple.com/kb/HT204941", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://support.apple.com/kb/HT204942", "name": "http://support.apple.com/kb/HT204942", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html", "name": "APPLE-SA-2015-09-16-3", "tags": ["Patch", "Vendor Advisory"], "refsource": "APPLE"}, {"url": "https://support.apple.com/HT205221", "name": "https://support.apple.com/HT205221", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/75491", "name": "75491", "tags": [], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-17"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-1157", "ASSIGNER": "product-security@apple.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-05-28T01:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "10.0.3"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "12.2"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-11-28T19:17Z"}