CVE-2015-7033

Apple iWork < 2.6, Keynote < 6.6, Pages < 5.6, Numbers < 3.6 - Remote Code Execution via Crafted Document

Title source: llm
STIX 2.1

Description

The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted document.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033823
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033825
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033826
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2015/Oct/msg00000.html
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT205373

Scores

EPSS 0.0292
EPSS Percentile 85.4%

Details

CWE
CWE-119
Status published
Products (4)
apple/iwork < 2.5.4
apple/keynote < 6.5
apple/numbers < 3.5
apple/pages < 5.5.3
Published Oct 18, 2015
Tracked Since Feb 18, 2026