Описание
The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libical | removed | package | ||
| libical | ignored | stretch | package | |
| libical | no-dsa | jessie | package | |
| libical | no-dsa | wheezy | package |
Примечания
https://bugzilla.mozilla.org/show_bug.cgi?id=1281043
This issue fixed by the commits referenced via https://github.com/libical/libical/issues/251
https://github.com/libical/libical/commit/38757abb495ea6cb40faa5418052278bf75040f7
https://github.com/libical/libical/commit/04d84749e53db08c71ed0ce8b6ba5c11082743cd
https://github.com/libical/libical/commit/830d9530817516377c2bc3b532798ce2c6b4765a
EPSS
Связанные уязвимости
The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function.
The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function.
The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function.
The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function.
EPSS