Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2006

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-2006
Last Modified 07 Mar 2011 10:08:34
Published 22 May 2008 09:09:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2006

Summary

Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line, or (2) a large integer in a COUNT field on an RRULE line.

Vulnerable Systems

Application

  • Apple Ical 3.0.1


References

XF - ical-trigger-dos(42569)

VUPEN - ADV-2008-1601

SECTRACK - 1020094

BID - 28632

BID - 28629

BUGTRAQ - 20080528 Re: CORE-2008-0126: Multiple vulnerabilities in iCal

BUGTRAQ - 20080527 Re: CORE-2008-0126: Multiple vulnerabilities in iCal

BUGTRAQ - 20080521 CORE-2008-0126: Multiple vulnerabilities in iCal

MISC - http://www.coresecurity.com/?action=item&id=2219

SREASON - 3901


Last Updated: 27 May 2016 10:47:44