RHEL 6 : libical (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libical: Use-after-free CVE-2016-9584 - The icalparserparsestring function in libical 0.47 and 1.0 allows...

OSV-2020-559 Use-of-uninitialized-value in parser_get_next_char

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14739 Crash type: Use-of-uninitialized-value Crash state: parsergetnextchar parsergetparamnameheap icalparseraddline...

DEBIAN-CVE-2019-11703

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...

Heap overflow

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20190627)

Security Fixes : - Mozilla: Type confusion in Array.pop CVE-2019-11707 - thunderbird: Stack buffer overflow in icalrecuraddbydayrules in icalrecur.c CVE-2019-11705 - Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 - thunderbird: Heap buffer over read in icalparser.c parsergetnextchar...

libical: Heap buffer over read in icalparser.c parser_get_next_char

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...

openSUSE Security Update : MozillaThunderbird (openSUSE-2019-1583)

This update for MozillaThunderbird fixes the following security issues : - CVE-2019-11703: Fixed a heap-based buffer overflow in icalmemorystrdupanddequote bsc1137595. - CVE-2019-11704: Fixed a heap-based buffer overflow in parsergetnextchar bsc1137595. - CVE-2019-11705: Fixed a stack-based buffe...

CVE-2019-11703

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...

libical/libical_fuzzer: Use-of-uninitialized-value in parser_get_next_char

Project: https://github.com/libical/libical.git Detailed report: https://oss-fuzz.com/testcase?key=5695048311635968 Project: libical Fuzzer: libFuzzerlibicalfuzzer Fuzz target binary: libicalfuzzer Job Type: libfuzzermsanlibical Platform Id: linux Crash Type: Use-of-uninitialized-value Crash...

CVE-2016-5826

The parsergetnextchar function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service out-of-bounds heap read by crafting a string to the icalparserparsestring function...

Out-of-bounds

The parsergetnextchar function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service out-of-bounds heap read by crafting a string to the icalparserparsestring function...