CVE-2015-1098

Vulnerability

A memory corruption vulnerability exists in Apple iWork on iOS before 8.3 and OS X before 10.10.3. The bug is triggered when a user opens a specially crafted iWork file (e.g., Pages, Numbers, or Keynote document). No special configuration is required beyond having iWork installed. The issue is present in all versions prior to the fixes released in iOS 8.3 and OS X Yosemite 10.10.3 [1][2].

Exploitation

An attacker can exploit this vulnerability by delivering a malicious iWork file to the target user, typically via email, web download, or messaging. The user must open the file in iWork on an affected device. No authentication or special network position is required; the attack is remote and user interaction is limited to opening the file. The exact exploitation steps are not publicly detailed, but the memory corruption can be leveraged to execute arbitrary code [1][2].

Impact

Successful exploitation allows an attacker to execute arbitrary code with the privileges of the current user, or cause a denial of service via application crash or system instability. On iOS, this could lead to full device compromise; on OS X, it could lead to arbitrary code execution within the user's session. The impact is high due to the potential for remote code execution without authentication [1][2].

Mitigation

Apple addressed this vulnerability in iOS 8.3 and OS X Yosemite 10.10.3, released on April 8, 2015. Users should update their devices to these or later versions. No workarounds are available; the only mitigation is to apply the security updates. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog [1][2].