FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pcal -- buffer overflow vulnerabilities

Affected packages
pcal < 4.8.0

Details

VuXML ID 58fc2752-5f74-11d9-a9e7-0001020eed82
Discovery 2004-12-15
Entry 2005-01-06

Danny Lungstrom has found two buffer overflow vulnerabilities in pcal which can lead to execution of arbitrary code by making a user run pcal on a specially crafted calendar file.

References

Bugtraq ID 12035
Bugtraq ID 12036
CVE Name CVE-2004-1289
Message 20041215083219.56092.qmail@cr.yp.to