Most Popular

Top Stories Latest Featured

Windows 7 to be officially named... Windows 7

FCC report clears free nationwide wireless plan

TechSpot Blog: Use the Windows Embedded Theme on XP and Server 2003

News from around the web (10/13/08)

Asustek to introduce Eee motherboards

News from around the web (10/14/08)

Asus recalls all Eee Box PCs sold in Japan

FTC shuts down large spam operation

More Top Stories

Downloads & Drivers

Downloads Drivers Essentials

Fresh UI 8.17

GoodSync 7.5.1

Image for Windows 2.20a

Backup4all 4.0 build 111

Microsoft Malicious Software Removal Tool 2.3

More Downloads

TS Community

Recent Discussions Community Archive

Laptop slow, full of trojans

BSOD at startup (Win XP sp3)

Dell Inspiron 9300 - Serious Issue, Malware?

Sony Vaio Keyboard Trouble Please Help

Upgrade Ram Problem

More at the Forum

Subscribe

Newsletter Our Feeds

Receive weekly updates on new articles, news and contests in your mail!

Email address:

IT

Researchers disclose bugs found in Apple's iCal

By Jose Vilches, TechSpot.com
Published: May 22, 2008, 10:03 AM EST

Earlier this year a company called Core Security reported it had found critical vulnerabilities in Apple’s iCal calendar program that can be remotely exploited to crash the application or execute arbitrary code. Now, after several months of Apple wavering over whether the flaws were serious enough to warrant patches, the security vendor has decided to detail the three bugs hoping that it would prompt Apple to take action more rapidly.

According to an advisory from Core Security, the most serious of the bugs is the result of a memory corruption vulnerability that can be triggered if a user runs a malicious .ics file, while the other two are null-pointer errors caused when parsing malformed .ics files. The vulnerabilities affect iCal version 3.0.1 running on Mac OS X 10.5.1. As of this writing, no official patch has been released from Apple so until then users are strongly advised to only open .ics files from a known, verified source.

Related Stories

1 comment
RSS

User Comments (1)

Post a comment
sngx1275
on May 23, 2008
9:51 AM		10.5.1? Not 10.5.2? If that is true, I can understand why they are slow to reach a patch, Apple pushes out updates that are about as nagging as Windows, so everyone should be running 10.5.2 now.

Browse more commented news