CVE-2016-4620 (iphone_os)

The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app.

Source: CVE-2016-4620 (iphone_os)