libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.