CVE-2015-1157
Description
CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: product-security@apple.com — https://support.apple.com/HT205221
Vendor advisory: product-security@apple.com — http://support.apple.com/kb/HT204942
Vendor advisory: product-security@apple.com — http://support.apple.com/kb/HT204941
Vendor advisory: product-security@apple.com — http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html
Vendor advisory: product-security@apple.com — http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
Vendor advisory: product-security@apple.com — http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| macos | 8.0 | affected | |
| macos | 8.0.1 | affected | |
| macos | 8.0.2 | affected | |
| macos | 8.1 | affected | |
| macos | 8.1.2 | affected | |
| macos | 8.1.3 | affected | |
| macos | 8.2 | affected | |
| macos | 8.3 | affected | |
| macos | affected | |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| apple | itunes | {"endIncluding":"12.2"} | |
References
- http://9to5mac.com/2015/05/27/how-to-fix-ios-text-message-bug-crash-reboot/
- http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
- http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html
- http://support.apple.com/kb/HT204941
- http://support.apple.com/kb/HT204942
- http://www.ibtimes.co.uk/apple-ios-bug-sees-message-app-crash-iphone-reboot-simply-by-receiving-message-1503083
- http://www.reddit.com/r/apple/comments/37e8c1/malicious_text_message/
- http://www.reddit.com/r/apple/comments/37enow/about_the_latest_iphone_security_vulnerability/
- http://www.reddit.com/r/explainlikeimfive/comments/37edde/eli5_how_that_text_you_can_send_to_friends_turns/
- http://www.securityfocus.com/bid/75491
- http://www.securitytracker.com/id/1032408
- http://zanzebek.com/a-simple-text-message-can-ruin-any-iphone/
- https://ghostbin.com/paste/zws9m
- https://support.apple.com/HT205221
- http://9to5mac.com/2015/05/27/how-to-fix-ios-text-message-bug-crash-reboot/
- http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
- http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html
- http://support.apple.com/kb/HT204941
- http://support.apple.com/kb/HT204942
- http://www.ibtimes.co.uk/apple-ios-bug-sees-message-app-crash-iphone-reboot-simply-by-receiving-message-1503083
- http://www.reddit.com/r/apple/comments/37e8c1/malicious_text_message/
- http://www.reddit.com/r/apple/comments/37enow/about_the_latest_iphone_security_vulnerability/
- http://www.reddit.com/r/explainlikeimfive/comments/37edde/eli5_how_that_text_you_can_send_to_friends_turns/
CWEs
CWE-17
Verify integrity in audit chain (admin only). AS-IS.