Apple iCal 'COUNT' Parameter Integer Overflow Vulnerability

info
discussion
exploit
solution
references

Apple iCal 'COUNT' Parameter Integer Overflow Vulnerability

To exploit this issue, an attacker must entice an unsuspecting user to import a malicious '.ics' file.

A vulnerable '.ics' file will contain the folllowing line:

RRULE:FREQ=DAILY;INTERVAL=1;COUNT=2147483646

The following proof-of-concept '.ics' file is available:

/data/vulnerabilities/exploits/28629.ics