Apple iCal 'ATTACH' Parameter Denial Of Service Vulnerability

info
discussion
exploit
solution
references

Apple iCal 'ATTACH' Parameter Denial Of Service Vulnerability

Apple iCal is prone to a denial-of-service vulnerability because it fails to adequately sanitize user-supplied input data.

Successful exploits will crash the application. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.

iCal 3.0.1 is vulnerable; other versions may also be affected.