iCal < 1.5.4

Medium Nessus Plugin ID 15786


The remote host is missing a Mac OS X update that fixes a security issue.


The remote host is running a version of iCal which is older than version 1.5.4. Such versions have an arbitrary command execution vulnerability. A remote attacker could exploit this by tricking a user into opening or importing a new iCal calendar.


Upgrade to iCal 1.5.4 or later.

See Also


Plugin Details

Severity: Medium

ID: 15786

File Name: macosx_ical154.nasl

Version: 1.14

Type: local

Agent: macosx

Published: 2004/11/22

Modified: 2017/05/30

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Required KB Items: Host/MacOSX/packages

Exploit Available: true

Exploit Ease: No exploit is required

Patch Publication Date: 2004/11/22

Vulnerability Publication Date: 2004/11/23

Reference Information

CVE: CVE-2004-1021

BID: 11728

OSVDB: 12094

Secunia: 13277