post #1 of 1
Thread Starter 
Quote:
Apple's iCal calendar application contains three vulnerabilities that could allow an attacker to crash the application or execute remote code on the victim's Mac, according to security vendor Core Security Technologies.

Core Security released an advisory on Wednesday detailing the vulnerabilities, which affect iCal version 3.0.1 running under Mac OS X 10.5.1 (Leopard).

"The most serious of the three vulnerabilities is due to potential memory corruption resulting from a resource liberation bug that can be triggered with a malformed .ics calendar file specially crafted by a would-be attacker," the advisory warns.

The other two vulnerabilities could be used to crash iCal using a maliciously crafted .ics (iCal) file. Core Security said that it has investigated the possibility of using these two flaws to execute arbitrary code but has not proven such an attack is possible.
Source
Black Ice
(17 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 2500K Gigabyte GA-Z68XP-UD3 EVGA GTX 560 Ti Superclocked (01G-P3-1563-AR) G-SKILL Ripjaws X Series F3-12800CL7-4GBXH (x2) 
Hard DriveHard DriveOptical DriveCooling
Crucial M4 SATA 6GB/s SSD (CT128M4SSD2) OCZ Vertex 3 6GB/s SSD (VTX3-25SAT3-120G) Samsung Blu-Ray Combo Internal 12XReadable and ... Cooler Master Hyper 212 Plus (RR-B10-212P-G1) 
OSMonitorKeyboardPower
Windows 7 Professional x64 Samsung SyncMaster 2494HM (24" @1920x1080) Deck Legend Frost (105 key tactile) Corsair HX850 (CMPSU-850HX) 
CaseMouseMouse PadMouse Pad
Corsair Carbide Series 500R (CC-9011012-WW) Logitech G500 Gaming Mouse Steelseries 4HD Steelseries 63005SS QcK mini Mouse Pad 
Audio
ASUS Xonar D2 (PCI) 
  hide details  
Reply
Black Ice
(17 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 2500K Gigabyte GA-Z68XP-UD3 EVGA GTX 560 Ti Superclocked (01G-P3-1563-AR) G-SKILL Ripjaws X Series F3-12800CL7-4GBXH (x2) 
Hard DriveHard DriveOptical DriveCooling
Crucial M4 SATA 6GB/s SSD (CT128M4SSD2) OCZ Vertex 3 6GB/s SSD (VTX3-25SAT3-120G) Samsung Blu-Ray Combo Internal 12XReadable and ... Cooler Master Hyper 212 Plus (RR-B10-212P-G1) 
OSMonitorKeyboardPower
Windows 7 Professional x64 Samsung SyncMaster 2494HM (24" @1920x1080) Deck Legend Frost (105 key tactile) Corsair HX850 (CMPSU-850HX) 
CaseMouseMouse PadMouse Pad
Corsair Carbide Series 500R (CC-9011012-WW) Logitech G500 Gaming Mouse Steelseries 4HD Steelseries 63005SS QcK mini Mouse Pad 
Audio
ASUS Xonar D2 (PCI) 
  hide details  
Reply