CVE-2008-2006

CVE Database · CVE-2008-2006

CVE-2008-2006

· N/AModified

CVSS v3.1

N/A

EPSS

9.65%

Published

May 22, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (3)

All weaponized →

Exploit-DBApple iCal 3.0.1 - 'TRIGGER' Denial of Service Exploit-DBApple iCal 3.0.1 - 'COUNT' Integer Overflow TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line, or (2) a large integer in a COUNT field on an RRULE line.

Weaknesses (CWE)

CWE-20

Affected Products (2)

apple · mac_os_x

apple · icalvulnerable

References (20)

http://securityreason.com/securityalert/3901

http://www.coresecurity.com/?action=item&id=2219

Exploit

http://www.securityfocus.com/archive/1/492414/100/0/threaded

http://www.securityfocus.com/archive/1/492638/100/100/threaded

http://www.securityfocus.com/archive/1/492682/100/0/threaded