3 matches found
CVE-2008-1035
CVE-2008-1035 is a use-after-free in Apple iCal 3.0.1 on Mac OS X. The vulnerability arises from how iCal handles iCalendar (.ics) files, allowing a crafted ICS line (ATTACH;VALUE=URI:S=osumi) to trigger memory corruption and potentially arbitrary code execution. Exploitation could involve remote...
CVE-2008-2006
Summary of the CVE-2008-2006 family (Apple iCal) : The iCal client on Mac OS X 10.5.x (notably 3.0.1; affected up to 10.5.2; PoCs mention 3.0.1/3.0.2) contains multiple input-validation bugs in ICS parsing. Root causes include (1) integer overflow/null-pointer dereference on a COUNT value in an R...
CVE-2004-1021
CVE-2004-1021 affects iCal prior to 1.5.4 on Mac OS X 10.2.3 and later. The underlying issue is that iCal does not alert the user for alarms in calendars, enabling an attacker to cause the execution of programs and sending of email via alarms. The description and public references in the provided...