CVE-2017-18695
Samsung mobile devices running KK (4.4), L (5.0/5.1), M (6.0), and N (7.0) are affected. An attacker who controls a subdomain can discover a user’s credentials during an email account login via an EAS Autodiscover packet. The initial sources reference a Samsung security update, but no remediation...