Vulnerabilities > CVE-2017-2404 - Unspecified vulnerability in Apple Iphone OS
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Quick Look" component. It allows remote attackers to trigger telephone calls to arbitrary numbers via a tel: URL in a PDF document, as exploited in the wild in October 2016.
Vulnerable Configurations
References
- http://www.securityfocus.com/bid/97138
- http://www.securityfocus.com/bid/97138
- http://www.securitytracker.com/id/1038139
- http://www.securitytracker.com/id/1038139
- https://support.apple.com/HT207617
- https://support.apple.com/HT207617
- https://www.engadget.com/2017/03/31/apple-fixes-ios-loophole-911-overload/
- https://www.engadget.com/2017/03/31/apple-fixes-ios-loophole-911-overload/