CVE-2014-9672

描述

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.

受影響套件(1)

• Debian/freetypefrom 0, < 2.5.2-3

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-9672