CVSS: 9.8EPSS: 86%CPEs: 1EXPL: 2CVE-2008-1035 – Apple iCal 3.0.1 - 'ATTACH' Denial of Service
https://notcve.org/view.php?id=CVE-2008-1035
03 Jun 2008 — Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, which triggers a "resource liberation" bug. NOTE: CVE-2008-2007 was originally used for this issue, but this is the appropriate identifier. Una vulnerabilidad de uso de la memoria previamente liberada en Apple iCal versión 3.0.1 en Mac OS X, permite a los servidores... • https://www.exploit-db.com/exploits/31620 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 13%CPEs: 2EXPL: 4CVE-2008-2006 – Apple iCal 3.0.1 - 'TRIGGER' Denial of Service
https://notcve.org/view.php?id=CVE-2008-2006
22 May 2008 — Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line, or (2) a large integer in a COUNT field on an RRULE line. Apple iCal versión 3.0.1 en Mac OS X, permite a los servidores remotos CalDAV y los atacantes remotos asistidos por el usuario causar una denegación de servicio (desreferenc... • https://www.exploit-db.com/exploits/31619 • CWE-20: Improper Input Validation •