Flaws Discovered in Apple’s iCal Application
A new set of flaws in Apple's iCal application has been detected that could be exploited by unauthenticated attackers to run an arbitrary program on the affected system with or without user interaction. The vulnerabilities also allow carrying out sustained denial-of-service conditions to cause the iCal application to crash.
According to an advisory by Core Security, one vulnerability among the three vulnerabilities is the most serious because it is caused due to possible memory corruption from the resource free bug that is leveraged with a distorted .ics calendar file that a potential attacker specially crafts.
The remaining two flaws are errors of the null pointer type caused when the distorted .ics files are parsed leading to the collapse of the iCal application, the writt...
» SPAMfighter News - 5/29/2008
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!