CVE-2008-2006

Currently unrated

Key Information:

Vendor: Apple
Status: Ical
Vendor: CVE Published:; 22 May 2008

Summary

Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line, or (2) a large integer in a COUNT field on an RRULE line.

References

http://www.vupen.com/english/advisories/2008/1601

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/42569

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/28632

vdb-entryx_refsource_BID

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 22, 2008
Vulnerability Reserved
Apr 28, 2008