According to Researchers at Core Security Technologies, they have uncovered three vulnerabilities in Apple's iCal application that hackers can exploit to take over vulnerable machines or launch denial-of-service attacks.
iCal is a personal calendar application provided by Apple on Mac OS X and serves as a client-side component to a calendar server, allowing users to create and share multiple calendars. It can also be used as a stand-alone application.
The most serious of the iCal bugs is the result of a memory corruption vulnerability that can be triggered if a user runs a malicious .ics (iCal calendar file).
The other two are null-pointer errors caused when parsing malformed .ics files, Core researchers wrote in the advisory. Version 3.0.1 of iCal, running on the Mac OS X 10.5.1 platform, is vulnerable, Core researchers wrote.
Source: By Cyber Security Tips N Tricks - http://cyberinsp.blogspot.com/
Comment and add to the story without registration, but keep the comments meaningful please. Links are not accepted.
