Apple have left gaping security holes in their iCal application, bundled with OS X, for four months.
Researchers out Apple over unpatched iCal bugs | The RegisterResearchers at Core Security have released details of three vulnerabilities in Apple iCal scheduling application, after four months of talks with the company.
The iCal bugs comprise a single memory corruption flaw and two null-pointer vulnerabilities. The memory corruption bug creates a mechanism for attackers to inject hostile code into affected systems. The null pointer bugs might be used to crash the scheduling program.
There are currently 1 users browsing this thread. (0 members and 1 guests)