The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5826
Reference (s):
- BID:91459
- URL: http://www.securityfocus.com/bid/91459
- https://bugzilla.mozilla.org/show_bug.cgi?id=1281041
- MLIST:[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address
- URL: http://www.openwall.com/lists/oss-security/2016/06/25/4