Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ical vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1021
The amr ical events lists WordPress plugin up to and including 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for ex...
Amr-ical-events-list Project Amr-ical-events-list
668
VMScore
CVE-2004-1021
iCal prior to 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows malicious users to execute programs and send e-mail via alarms.
Apple Ical 1.5.3
435
VMScore
CVE-2008-1035
Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, which triggers a "r...
Apple Ical 3.0.1
1 EDB exploit
440
VMScore
CVE-2008-2006
Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line,...
Apple Ical 3.0.1
2 EDB exploits
NA
CVE-2023-41853
Cross-Site Request Forgery (CSRF) vulnerability in WP iCal Availability plugin <= 1.0.3 versions.
Wpicalavailability Wp Ical Availability
890
VMScore
CVE-2000-1071
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote malicious users to monitor X Windows events and gain privileges.
Netscape Iplanet Ical 2.1
725
VMScore
CVE-2000-1072
iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse.
Netscape Iplanet Ical 2.1
1 EDB exploit
641
VMScore
CVE-2000-1073
csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory.
Netscape Iplanet Ical 2.1
1000
VMScore
CVE-2000-1074
csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory.
Netscape Iplanet Ical 2.1
1 EDB exploit
510
VMScore
CVE-2003-1263
ICAL.EXE in iCal 3.7 allows remote malicious users to cause a denial of service (crash) via a malformed HTTP request, possibly due to an invalid method name.
Brown Bear Software Ical 3.7
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »