Vulnerabilities in Apple's iCal application

According to Researchers at Core Security Technologies, they have uncovered three vulnerabilities in Apple's iCal application that hackers can exploit to take over vulnerable machines or launch denial-of-service attacks.

iCal is a personal calendar application provided by Apple on Mac OS X and serves as a client-side component to a calendar server, allowing users to create and share multiple calendars. It can also be used as a stand-alone application.

The most serious of the iCal bugs is the result of a memory corruption vulnerability that can be triggered if a user runs a malicious .ics (iCal calendar file).

The other two are null-pointer errors caused when parsing malformed .ics files, Core researchers wrote in the advisory. Version 3.0.1 of iCal, running on the Mac OS X 10.5.1 platform, is vulnerable, Core researchers wrote.

Source: By Cyber Security Tips N Tricks - http://cyberinsp.blogspot.com/

admin_huliq's picture

Posted May 22nd, 2008 by admin_huliq

Your comments...

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <p> <br> <a> <em> <ul> <ol> <li> <strong> <blockquote>

More information about formatting options

4 + 10 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.