Heap buffer over-read vulnerability was found in parser_get_next_char function caused by passing malformed input to icalparser_parse_string function.

Upstream bug:

https://bugzilla.mozilla.org/show_bug.cgi?id=1281041

CVE assignment:

http://seclists.org/oss-sec/2016/q2/604