Buffer Overflow Vulnerabilities in pcal 4.7.1 Allow Remote Code Execution via Crafted Calendar File

Buffer Overflow Vulnerabilities in pcal 4.7.1 Allow Remote Code Execution via Crafted Calendar File

CVE-2004-1289 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Multiple buffer overflows in (1) the getline function in pcalutil.c and (2) the get_holiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file.

Learn more about our Web Application Penetration Testing UK.