VYPR

iCal

by ICal

CVEs (2)

  • CVE-2000-1074Dec 11, 2000
    risk 0.03cvss epss 0.04

    csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory.

  • CVE-2000-1071Dec 11, 2000
    risk 0.00cvss epss 0.03

    The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges.