Vulnerability CVE-2016-5824: Information

Description

libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.

Severity: MEDIUM (5.5)
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Published: Jan. 28, 2017
Modified: April 2, 2019
Error type identifier: CWE-416

Fixed packages

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://github.com/libical/libical/issues/286
  • Issue Tracking
  • Patch
  • Third Party Advisory
https://github.com/libical/libical/issues/251
  • Issue Tracking
  • Patch
  • Third Party Advisory
https://github.com/libical/libical/issues/235
  • Issue Tracking
  • Patch
  • Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1275400
  • Issue Tracking
[oss-security] 20170120 Re: CVE-2016-9584: heap use-after-free on libical
  • Mailing List
  • Patch
  • Third Party Advisory
[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address
  • Mailing List
  • Third Party Advisory
91459
  • Third Party Advisory
  • VDB Entry
RHSA-2019:0270
  • Third Party Advisory
RHSA-2019:0269
  • Third Party Advisory
USN-3897-1
  • Third Party Advisory
GLSA-201904-07
GLSA-201904-02

Configuration 1

cpe:2.3:a:libical_project:libical:1.0:*:*:*:*:*:*:*

Configuration 2

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 3

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*