CVE-2008-2006

Exploit

EPSS 34.11%
Veröffentlicht 22.05.2008 13:09:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line, or (2) a large integer in a COUNT field on an RRULE line.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ Ical Version3.0.1

Apple ≫ macOS X Version10.5.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	34.11%	0.968

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://securityreason.com/securityalert/3901

http://www.coresecurity.com/?action=item&id=2219

Exploit

http://www.securityfocus.com/archive/1/492414/100/0/threaded

http://www.securityfocus.com/archive/1/492638/100/100/threaded

http://www.securityfocus.com/archive/1/492682/100/0/threaded

http://www.securityfocus.com/bid/28629

http://www.securityfocus.com/bid/28632

Exploit

http://www.securitytracker.com/id?1020094

http://www.vupen.com/english/advisories/2008/1601

https://exchange.xforce.ibmcloud.com/vulnerabilities/42569

https://nvd.nist.gov/vuln/detail/CVE-2008-2006

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-2006

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-2006

EUVD