CVE-2004-1021
iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms.
Date published : 2004-11-24
http://lists.apple.com/archives/security-announce//2004/Nov/msg00000.html