Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger calls to arbitrary numbers via spaces in a tel: URL.Referenceshttp://sotiriu.de/adv/NSOADV-2015-001.txt
