Problem Description:
A NULL pointer dereference in the initialization code
of the HZ module and an out of bounds array access in the
initialization code of the VIQR module make iconv_open(3)
calls involving HZ or VIQR result in an application crash.
Impact:
Services where an attacker can control the arguments of
an iconv_open(3) call can be caused to crash resulting in
a denial-of-service. For example, an email encoded in HZ
may cause an email delivery service to crash if it converts
emails to a more generic encoding like UTF-8 before applying
filtering rules.