7.8
CVE-2015-1157
- EPSS 5.55%
- Veröffentlicht 28.05.2015 01:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.55% | 0.919 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html
https://support.apple.com/HT205221
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
http://support.apple.com/kb/HT204941
http://support.apple.com/kb/HT204942
http://9to5mac.com/2015/05/27/how-to-fix-ios-text-message-bug-crash-reboot/
http://www.ibtimes.co.uk/apple-ios-bug-sees-message-app-crash-iphone-reboot-simply-by-receiving-message-1503083
http://www.reddit.com/r/apple/comments/37e8c1/malicious_text_message/
http://www.reddit.com/r/apple/comments/37enow/about_the_latest_iphone_security_vulnerability/
http://www.reddit.com/r/explainlikeimfive/comments/37edde/eli5_how_that_text_you_can_send_to_friends_turns/
http://www.securityfocus.com/bid/75491
http://www.securitytracker.com/id/1032408
http://zanzebek.com/a-simple-text-message-can-ruin-any-iphone/
https://ghostbin.com/paste/zws9m