Core Security Technologies has made public the fact that Apple’s iCal application that runs on Mac OS X 10.5.1 has three bugs that could lead to security threats.

Two of the three bugs can cause the application to crash, while the third one could be used to run code, if a malicious .ics file is opened.

Core Security allegedly announced Apple the presence of these vulnerabilities on January 30, 2008. Apple hasn’t done anything to take care of the problems so far and has continuously asked for delays of the deadline for publishing the study. According to Core Security, Apple told them that it considers that only one of the bugs is a security problem. After nearly four months of pushing back deadlines, the Core security has announced the computer company that the study will be published May 21.

Apple had repaired a series of bugs releasing a security patch in March, which covered over 90 problems. However, the patch was made for the server part of the operating system. The latest deadline the company was given by Core Security for fixing the three vulnerabilities was May 19.

iCal is an application that runs on the Mac OS X and is a client side component of Apple’s calendar service application. People can use the application to create multiple calendars and share them with others.

The version of the application that is supposed to have the bugs is iCal 3.01. It is not yet known whether iCal 3.02, which runs on the latest version of Apple’s operating system, has the same problems or not.