[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-1035Date: (C)2008-06-03   (M)2023-12-22


Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, which triggers a "resource liberation" bug. NOTE: CVE-2008-2007 was originally used for this issue, but this is the appropriate identifier.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1020095
http://www.securityfocus.com/archive/1/492414/100/0/threaded
http://www.securityfocus.com/archive/1/492638/100/100/threaded
http://www.securityfocus.com/archive/1/492682/100/0/threaded
BID-28633
BID-29412
BID-29486
SECUNIA-30430
ADV-2008-1601
ADV-2008-1697
APPLE-SA-2008-05-28
TA08-150A
http://www.coresecurity.com/?action=item&id=2219

CWE    1
CWE-94

© SecPod Technologies