Vulnerability Details CVE-2016-8507
Yandex Browser for iOS before 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote attackers to initiate facetime-call without user's approval and obtain video and audio data from a device via a crafted web site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2016-8507
-
cpe:2.3:a:yandex:yandex_browser:-