CVE-2014-3951

The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service NULL pointer dereference via a crafted argument to the iconvopen function. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types...

Null pointer dereference

The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service NULL pointer dereference via a crafted argument to the iconvopen function. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types...

CVE-2014-3951

CVE-2014-3951 and CVE-2014-5384 describe issues in the iconv implementation on FreeBSD 10.0 before p6 and NetBSD, split per ADT2 by vulnerability type. The HZ module (CVE-2014-3951) can trigger a NULL pointer dereference in iconv_open, causing denial of service; the VIQR module (CVE-2014-5384) ca...

FreeBSD -- iconv(3) NULL pointer dereference and out-of-bounds array access

Problem Description: A NULL pointer dereference in the initialization code of the HZ module and an out of bounds array access in the initialization code of the VIQR module make iconvopen3 calls involving HZ or VIQR result in an application crash. Impact: Services where an attacker can control the...