Multiple buffer overflows in (1) the getline function in pcalutil.c and (2) the get_holiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| pcal | pcal | 4.6.0 |
| pcal | pcal | 4.1.0 |
| pcal | pcal | 4.7.1 |
| pcal | pcal | 4.5.0 |
| pcal | pcal | 4.7.0 |
| pcal | pcal | 4.3.0 |