The Sandbox Profiles implementation in Apple iOS before 8 does not properly restrict the third-party app sandbox profile, which allows attackers to obtain sensitive Apple ID information via a crafted app.
http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/96104
Published: 2014-09-18
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
Severity: Medium