Vulnerabilities > Apple > Ical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-06-03 | CVE-2008-1035 | Code Injection vulnerability in Apple Ical 3.0.1 Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, which triggers a "resource liberation" bug. | 4.3 |
| 2008-05-22 | CVE-2008-2006 | Improper Input Validation vulnerability in Apple Ical 3.0.1 Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line, or (2) a large integer in a COUNT field on an RRULE line. | 4.3 |
| 2005-03-01 | CVE-2004-1021 | Unspecified vulnerability in Apple Ical 1.5.3 iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms. | 7.5 |