Off-by-one error in Telephony in Apple iOS before 6 allows remote attackers to cause a denial of service (buffer overflow and connectivity outage) via a crafted user-data header in an SMS message.