PT-2004-1023 · Pcal · Pcal

Published

2004-12-22

Updated

2017-07-11

CVE-2004-1289

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions pcal version 4.7.1

Description The issue concerns multiple buffer overflows in the getline function in pcalutil.c and the get holiday function in readfile.c. These buffer overflows can be exploited by remote attackers using a crafted calendar file, potentially leading to the execution of arbitrary code. The vulnerability may also compromise the confidentiality, integrity, and availability of protected information.

Recommendations For pcal version 4.7.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BDU:2015-03074

CVE-2004-1289

DSA-625-1

Affected Products

Pcal

PT-2004-1023 · Pcal · Pcal

CVE-2004-1289

Related Identifiers

Affected Products

References · 11