VYPR

CWE-416

Use After Free

VariantStableLikelihood: High

Description

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (2,306)

page 113 of 116
  • CVE-2011-3957Feb 9, 2012
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents.

  • CVE-2011-3928Jan 24, 2012
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling.

  • CVE-2011-3925Jan 24, 2012
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial…

  • CVE-2011-3924Jan 24, 2012
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections.

  • CVE-2011-3921Jan 7, 2012
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames.

  • CVE-2011-3913Dec 13, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling.

  • CVE-2011-3912Dec 13, 2011
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters.

  • CVE-2011-3904Dec 13, 2011
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to bidirectional text (aka bidi) handling.

  • CVE-2011-3897Nov 11, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.

  • CVE-2011-3890Oct 25, 2011
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source handling.

  • CVE-2011-3888Oct 25, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in.

  • CVE-2011-3885Oct 25, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data.

  • CVE-2011-3883Oct 25, 2011
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counters.

  • CVE-2011-3882Oct 25, 2011
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media buffers.

  • CVE-2011-2880Oct 4, 2011
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings.

  • CVE-2011-2876Oct 4, 2011
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a text line box.

  • CVE-2011-2860Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.

  • CVE-2011-2857Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.

  • CVE-2011-2854Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing."

  • CVE-2011-2853Sep 19, 2011
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.