7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6 Medium
AI Score
Confidence
Low
0.126 Low
EPSS
Percentile
95.5%
CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message.
9to5mac.com/2015/05/27/how-to-fix-ios-text-message-bug-crash-reboot/
lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
lists.apple.com/archives/security-announce/2015/Sep/msg00003.html
support.apple.com/kb/HT204941
support.apple.com/kb/HT204942
www.ibtimes.co.uk/apple-ios-bug-sees-message-app-crash-iphone-reboot-simply-by-receiving-message-1503083
www.reddit.com/r/apple/comments/37e8c1/malicious_text_message/
www.reddit.com/r/apple/comments/37enow/about_the_latest_iphone_security_vulnerability/
www.reddit.com/r/explainlikeimfive/comments/37edde/eli5_how_that_text_you_can_send_to_friends_turns/
www.securityfocus.com/bid/75491
www.securitytracker.com/id/1032408
zanzebek.com/a-simple-text-message-can-ruin-any-iphone/
ghostbin.com/paste/zws9m
support.apple.com/HT205221