The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card.
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
http://support.apple.com/kb/HT204941