Out-of-Bounds Read Vulnerability in FreeType's parse_fond Function

Out-of-Bounds Read Vulnerability in FreeType's parse_fond Function

CVE-2014-9672 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:P

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.

Learn more about our Web Application Penetration Testing UK.