“The vulnerabilities may allow un-authenticated attackers to execute arbitrary code on vulnerable systems with (and potentially without) the assistance from the end user of the application or to repeatedly execute a denial of service attack to crash the iCal application,” said Core Security.
The advisory states that iCal 3.01 running on Mac OS X 10.5.1 is still vulnerable, but it’s unclear whether the latest versions of iCal and Mac OS X (3.02 and 10.5.2, respectively) fix the problems. Apple asked Core Security to delay publication of its findings, but Core Security set May 21 as its final deadline.
Core Security first reported the bugs in January. Apple fixed one of the bugs in a security release in March (2008-002), but considered the others less critical than Core Security did. After Apple pushed back the release date for the remaining patches several times, a frustrated Core Security said it would release details of the bugs.