Loading
Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.
Use CWE-119, Oracle vendor hub and Solaris product page to widen CVE-2014-9672 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2025-36038, CVE-2025-36128 and CVE-2026-34281 for nearby disclosures in the same product family.