Apple · Uikit Webview · CVE-2015-3758
**Name of the Vulnerable Software and Affected Versions**
iOS versions prior to 8.4.1
**Description**
The issue exists due to insufficient input validation in the UIKit WebView component of the iOS operating system. This allows a remote attacker to initiate arbitrary FaceTime calls using a specially crafted URL, bypassing the intended user-confirmation requirement.
**Recommendations**
For iOS versions prior to 8.4.1, update to version 8.4.1 or later to resolve the issue. As a temporary workaround, consider restricting access to FaceTime or avoiding the use of specially crafted URLs in the affected UIKit WebView component until the issue is resolved.