Apple iOS VCF Processing Flaw in Messages App Lets Remote Users Cause the Target Application to Crash
|
SecurityTracker Alert ID: 1037540 |
SecurityTracker URL: http://securitytracker.com/id/1037540
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jan 1 2017
|
Impact:
Denial of service via network
|
Exploit Included: Yes
|
Version(s): 8 - 10.2.1 b2
|
Description:
A vulnerability was reported in Apple iOS. A remote user can cause the target application to crash.
A remote user can send an MMS message with a specially crafted VCF contact file that, when loaded by the target user, will cause the target Messages application to hang or crash.
A demonstration exploit file is available at:
http://vincedes3.com/vincedes3.vcf
The original advisory is available at:
https://vincedes3.com/crash-message-app-iphone/
@vincedes3 reported this vulnerability.
|
Impact:
A remote user can cause the target application to crash.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: apple.com/ (Links to External Site)
|
Cause:
Not specified
|
|
Message History:
None.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|