CVE-2015-7034

Apple iWork < 2.5.4 and Pages < 5.5.3 - Remote Code Execution via Crafted Pages Document

Title source: llm
STIX 2.1

Description

The Apple iWork application before 2.6 for iOS and Apple Pages before 5.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Pages document.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033821
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2015/Oct/msg00000.html
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT205373

Scores

EPSS 0.0282
EPSS Percentile 84.9%

Details

CWE
CWE-119
Status published
Products (2)
apple/iwork < 2.5.4
apple/pages < 5.5.3
Published Oct 18, 2015
Tracked Since Feb 18, 2026