Risk | Low
Patch available | YES
Number of vulnerabilities | 6
CVE-ID | CVE-2016-5823, CVE-2016-9584, CVE-2016-5827, CVE-2016-5826, CVE-2016-5825, CVE-2016-5824
CWE-ID | CWE-416, CWE-125
Exploitation vector | Network
Public exploit | Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #6 is available.
Vulnerable software | libical (Universal components / Libraries / Libraries used by multiple products)
Vendor | libical
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
EUVDB-ID: #VU17267
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2016-5823
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a use-after-free error when processing a specially crafted ics file. A remote attacker can cause a denial of service (use-after-free).
Mitigation: Install update from vendor's website.
Vulnerable software versions: libical 0.47 - 1.0.0
External links: https://www.openwall.com/lists/oss-security/2016/06/25/4
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU17271
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-9584
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description: The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to a use-after-free error when processing specially crafted ics files. A remote attacker can cause a denial of service (use-after-free) and possibly read heap memory.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
Mitigation: Install update from vendor's website.
Vulnerable software versions: libical 0.47 - 1.0.0
External links: https://www.openwall.com/lists/oss-security/2016/12/15/5
https://www.securityfocus.com/bid/94948
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU17270
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-5827
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary error in the icaltime_from_string() function. A remote attacker can pass a specially crafted string to the icalparser_parse_string() function, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
Mitigation: Install update from vendor's website.
Vulnerable software versions: libical 0.47 - 1.0.0
External links: https://www.openwall.com/lists/oss-security/2016/06/25/4
https://bugzilla.mozilla.org/show_bug.cgi?id=1281043
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU17269
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-5826
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary error in the parser_get_next_char() function. A remote attacker can pass a specially crafted string to the icalparser_parse_string() function, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
Mitigation: Install update from vendor's website.
Vulnerable software versions: libical 0.47 - 1.0.0
External links: https://www.openwall.com/lists/oss-security/2016/06/25/4
https://bugzilla.mozilla.org/show_bug.cgi?id=1281041
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU17268
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-5825
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary error in the icalparser_parse_string() function. A remote attacker can create a specially crafted ics file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
Mitigation: Install update from vendor's website.
Vulnerable software versions: libical 0.47 - 1.0.0
External links: https://www.openwall.com/lists/oss-security/2016/06/25/4
https://bugzilla.mozilla.org/show_bug.cgi?id=1280832
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU17266
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2016-5824
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a use-after-free error when processing ics calendar files. A remote attacker can trick the victim into opening a specially crafted calendar file, trigger a use-after-free error and crash the affected application.
Mitigation: Install update from vendor's website.
Vulnerable software versions: libical 0.47 - 1.0.1
External links: https://www.openwall.com/lists/oss-security/2016/06/25/4
https://www.openwall.com/lists/oss-security/2017/01/20/16
https://bugzilla.mozilla.org/show_bug.cgi?id=1275400
https://github.com/libical/libical/issues/235
https://github.com/libical/libical/issues/251
https://github.com/libical/libical/issues/286
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.