Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities found for libical by libical_project
CVE-2016-5827 (GCVE-0-2016-5827)
Vulnerability from nvd – Published: 2017-01-27 22:01 – Updated: 2024-08-06 01:15
VLAI
Summary
The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/91459 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2016/06/25/4 | mailing-listx_refsource_MLIST |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1281043 | x_refsource_MISC |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-30T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5827",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:10.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5826 (GCVE-0-2016-5826)
Vulnerability from nvd – Published: 2017-01-27 22:01 – Updated: 2024-08-06 01:15
VLAI
Summary
The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/91459 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2016/06/25/4 | mailing-listx_refsource_MLIST |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1281041 | x_refsource_MISC |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-30T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5826",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:10.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5825 (GCVE-0-2016-5825)
Vulnerability from nvd – Published: 2017-01-27 22:01 – Updated: 2024-08-06 01:15
VLAI
Summary
The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://bugzilla.mozilla.org/show_bug.cgi?id=1280832 | x_refsource_MISC |
| http://www.securityfocus.com/bid/91459 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2016/06/25/4 | mailing-listx_refsource_MLIST |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1280832"
},
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-30T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1280832"
},
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1280832",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1280832"
},
{
"name": "91459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5825",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:10.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5824 (GCVE-0-2016-5824)
Vulnerability from nvd – Published: 2017-01-27 22:01 – Updated: 2024-08-06 01:15
VLAI
Summary
libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://github.com/libical/libical/issues/235 | x_refsource_MISC |
| https://usn.ubuntu.com/3897-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://access.redhat.com/errata/RHSA-2019:0269 | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1275400 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2017/0… | mailing-listx_refsource_MLIST |
| https://github.com/libical/libical/issues/251 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/91459 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2016/06/25/4 | mailing-listx_refsource_MLIST |
| https://github.com/libical/libical/issues/286 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2019:0270 | vendor-advisoryx_refsource_REDHAT |
| https://security.gentoo.org/glsa/201904-02 | vendor-advisoryx_refsource_GENTOO |
| https://security.gentoo.org/glsa/201904-07 | vendor-advisoryx_refsource_GENTOO |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:08.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/libical/libical/issues/235"
},
{
"name": "USN-3897-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3897-1/"
},
{
"name": "RHSA-2019:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0269"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1275400"
},
{
"name": "[oss-security] 20170120 Re: CVE-2016-9584: heap use-after-free on libical",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/20/16"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libical/libical/issues/251"
},
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libical/libical/issues/286"
},
{
"name": "RHSA-2019:0270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0270"
},
{
"name": "GLSA-201904-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-02"
},
{
"name": "GLSA-201904-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-07"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T06:06:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/libical/libical/issues/235"
},
{
"name": "USN-3897-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3897-1/"
},
{
"name": "RHSA-2019:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0269"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1275400"
},
{
"name": "[oss-security] 20170120 Re: CVE-2016-9584: heap use-after-free on libical",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/20/16"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libical/libical/issues/251"
},
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libical/libical/issues/286"
},
{
"name": "RHSA-2019:0270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0270"
},
{
"name": "GLSA-201904-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-02"
},
{
"name": "GLSA-201904-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-07"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/libical/libical/issues/235",
"refsource": "MISC",
"url": "https://github.com/libical/libical/issues/235"
},
{
"name": "USN-3897-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3897-1/"
},
{
"name": "RHSA-2019:0269",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0269"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1275400",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1275400"
},
{
"name": "[oss-security] 20170120 Re: CVE-2016-9584: heap use-after-free on libical",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/20/16"
},
{
"name": "https://github.com/libical/libical/issues/251",
"refsource": "CONFIRM",
"url": "https://github.com/libical/libical/issues/251"
},
{
"name": "91459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "https://github.com/libical/libical/issues/286",
"refsource": "CONFIRM",
"url": "https://github.com/libical/libical/issues/286"
},
{
"name": "RHSA-2019:0270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0270"
},
{
"name": "GLSA-201904-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-02"
},
{
"name": "GLSA-201904-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-07"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5824",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:08.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5823 (GCVE-0-2016-5823)
Vulnerability from nvd – Published: 2017-01-27 22:01 – Updated: 2024-08-06 01:15
VLAI
Summary
The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2016/06/25/4 | mailing-listx_refsource_MLIST |
| https://security.gentoo.org/glsa/201904-02 | vendor-advisoryx_refsource_GENTOO |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:09.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "GLSA-201904-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T06:06:03.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "GLSA-201904-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "GLSA-201904-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5823",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:09.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9584 (GCVE-0-2016-9584)
Vulnerability from nvd – Published: 2017-01-18 17:00 – Updated: 2024-08-06 02:59
VLAI
Summary
libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2016/12/15/5 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/94948 | vdb-entryx_refsource_BID |
Date Public
2016-12-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:02.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20161215 CVE-2016-9584: heap use-after-free on libical",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/15/5"
},
{
"name": "94948",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94948"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-19T10:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20161215 CVE-2016-9584: heap use-after-free on libical",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/15/5"
},
{
"name": "94948",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94948"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-9584",
"datePublished": "2017-01-18T17:00:00.000Z",
"dateReserved": "2016-11-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:59:02.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5827 (GCVE-0-2016-5827)
Vulnerability from cvelistv5 – Published: 2017-01-27 22:01 – Updated: 2024-08-06 01:15
VLAI
Summary
The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/91459 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2016/06/25/4 | mailing-listx_refsource_MLIST |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1281043 | x_refsource_MISC |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-30T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5827",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:10.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5823 (GCVE-0-2016-5823)
Vulnerability from cvelistv5 – Published: 2017-01-27 22:01 – Updated: 2024-08-06 01:15
VLAI
Summary
The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2016/06/25/4 | mailing-listx_refsource_MLIST |
| https://security.gentoo.org/glsa/201904-02 | vendor-advisoryx_refsource_GENTOO |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:09.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "GLSA-201904-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T06:06:03.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "GLSA-201904-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "GLSA-201904-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5823",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:09.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5825 (GCVE-0-2016-5825)
Vulnerability from cvelistv5 – Published: 2017-01-27 22:01 – Updated: 2024-08-06 01:15
VLAI
Summary
The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://bugzilla.mozilla.org/show_bug.cgi?id=1280832 | x_refsource_MISC |
| http://www.securityfocus.com/bid/91459 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2016/06/25/4 | mailing-listx_refsource_MLIST |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1280832"
},
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-30T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1280832"
},
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1280832",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1280832"
},
{
"name": "91459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5825",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:10.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5826 (GCVE-0-2016-5826)
Vulnerability from cvelistv5 – Published: 2017-01-27 22:01 – Updated: 2024-08-06 01:15
VLAI
Summary
The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/91459 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2016/06/25/4 | mailing-listx_refsource_MLIST |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1281041 | x_refsource_MISC |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-30T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5826",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:10.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5824 (GCVE-0-2016-5824)
Vulnerability from cvelistv5 – Published: 2017-01-27 22:01 – Updated: 2024-08-06 01:15
VLAI
Summary
libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://github.com/libical/libical/issues/235 | x_refsource_MISC |
| https://usn.ubuntu.com/3897-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://access.redhat.com/errata/RHSA-2019:0269 | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1275400 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2017/0… | mailing-listx_refsource_MLIST |
| https://github.com/libical/libical/issues/251 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/91459 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2016/06/25/4 | mailing-listx_refsource_MLIST |
| https://github.com/libical/libical/issues/286 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2019:0270 | vendor-advisoryx_refsource_REDHAT |
| https://security.gentoo.org/glsa/201904-02 | vendor-advisoryx_refsource_GENTOO |
| https://security.gentoo.org/glsa/201904-07 | vendor-advisoryx_refsource_GENTOO |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:08.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/libical/libical/issues/235"
},
{
"name": "USN-3897-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3897-1/"
},
{
"name": "RHSA-2019:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0269"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1275400"
},
{
"name": "[oss-security] 20170120 Re: CVE-2016-9584: heap use-after-free on libical",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/20/16"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libical/libical/issues/251"
},
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libical/libical/issues/286"
},
{
"name": "RHSA-2019:0270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0270"
},
{
"name": "GLSA-201904-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-02"
},
{
"name": "GLSA-201904-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-07"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T06:06:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/libical/libical/issues/235"
},
{
"name": "USN-3897-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3897-1/"
},
{
"name": "RHSA-2019:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0269"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1275400"
},
{
"name": "[oss-security] 20170120 Re: CVE-2016-9584: heap use-after-free on libical",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/20/16"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libical/libical/issues/251"
},
{
"name": "91459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libical/libical/issues/286"
},
{
"name": "RHSA-2019:0270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0270"
},
{
"name": "GLSA-201904-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-02"
},
{
"name": "GLSA-201904-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-07"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/libical/libical/issues/235",
"refsource": "MISC",
"url": "https://github.com/libical/libical/issues/235"
},
{
"name": "USN-3897-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3897-1/"
},
{
"name": "RHSA-2019:0269",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0269"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1275400",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1275400"
},
{
"name": "[oss-security] 20170120 Re: CVE-2016-9584: heap use-after-free on libical",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/20/16"
},
{
"name": "https://github.com/libical/libical/issues/251",
"refsource": "CONFIRM",
"url": "https://github.com/libical/libical/issues/251"
},
{
"name": "91459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "https://github.com/libical/libical/issues/286",
"refsource": "CONFIRM",
"url": "https://github.com/libical/libical/issues/286"
},
{
"name": "RHSA-2019:0270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0270"
},
{
"name": "GLSA-201904-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-02"
},
{
"name": "GLSA-201904-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-07"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5824",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:08.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9584 (GCVE-0-2016-9584)
Vulnerability from cvelistv5 – Published: 2017-01-18 17:00 – Updated: 2024-08-06 02:59
VLAI
Summary
libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2016/12/15/5 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/94948 | vdb-entryx_refsource_BID |
Date Public
2016-12-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:02.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20161215 CVE-2016-9584: heap use-after-free on libical",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/15/5"
},
{
"name": "94948",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94948"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-19T10:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20161215 CVE-2016-9584: heap use-after-free on libical",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/15/5"
},
{
"name": "94948",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94948"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-9584",
"datePublished": "2017-01-18T17:00:00.000Z",
"dateReserved": "2016-11-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:59:02.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}