CVE-2015-1125
The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource via a crafted web site.
Date published : 2015-04-10
http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html