Apple iCal 'COUNT' Parameter Integer Overflow Vulnerability

To exploit this issue, an attacker must entice an unsuspecting user to import a malicious '.ics' file.

A malicious '.ics' file will contain the following line:

RRULE:FREQ=DAILY;INTERVAL=1;COUNT=2147483646
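
A defensive check for the line shown above, as an added example that is not part of the original advisory: it scans '.ics' text for RRULE properties whose COUNT is non-numeric or above a ceiling, so such files can be flagged before they reach a calendar client. The ceiling MAX_REASONABLE_COUNT, the function names and the sample calendar are assumptions made for this example.

```python
import re

# Assumed policy ceiling for this example; not a value from the advisory.
MAX_REASONABLE_COUNT = 100_000

def unfold(text):
    """Undo iCalendar folding: a line break plus space/tab continues the line."""
    return re.sub(r"\r?\n[ \t]", "", text).splitlines()

def parse_rrule(value):
    """Split 'FREQ=DAILY;COUNT=5' into a dict with upper-cased keys."""
    parts = {}
    for item in value.split(";"):
        key, sep, val = item.partition("=")
        if sep:
            parts[key.strip().upper()] = val.strip()
    return parts

def suspicious_rrules(ics_text, limit=MAX_REASONABLE_COUNT):
    """Return (logical_line_number, reason) for each RRULE with a bad COUNT."""
    findings = []
    for n, line in enumerate(unfold(ics_text), start=1):
        name, sep, value = line.partition(":")
        # The property name may carry parameters, e.g. 'RRULE;X-FOO=1'.
        if not sep or name.split(";")[0].strip().upper() != "RRULE":
            continue
        count = parse_rrule(value).get("COUNT")
        if count is None:
            continue
        if not (count.isascii() and count.isdigit()):
            findings.append((n, f"non-numeric COUNT {count!r}"))
        # Very long digit strings are flagged without converting them.
        elif len(count.lstrip("0")) > 18 or int(count) > limit:
            findings.append((n, f"COUNT {count} exceeds limit {limit}"))
    return findings

# Constructed sample calendar; the third event uses a folded, lower-case RRULE.
SAMPLE = (
    "BEGIN:VCALENDAR\r\nBEGIN:VEVENT\r\n"
    "RRULE:FREQ=DAILY;INTERVAL=1;COUNT=2147483646\r\n"
    "END:VEVENT\r\nBEGIN:VEVENT\r\n"
    "RRULE:FREQ=WEEKLY;COUNT=10\r\n"
    "END:VEVENT\r\nBEGIN:VEVENT\r\n"
    "rrule:FREQ=DAILY;COU\r\n NT=-1\r\n"
    "END:VEVENT\r\nEND:VCALENDAR\r\n"
)

if __name__ == "__main__":
    for line_no, reason in suspicious_rrules(SAMPLE):
        print(f"logical line {line_no}: {reason}")
```

Line numbers in the findings count logical lines after unfolding, so they can differ from the physical line numbers in the file.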

The following proof-of-concept '.ics' file is available:


 

Copyright 2010, SecurityFocus