VYPR

CWE-416

Use After Free

VariantStableLikelihood: High

Description

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (2,306)

page 6 of 116
  • CVE-2018-12756CriJul 20, 2018
    risk 0.64cvss 9.8epss 0.09

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-14442CriJul 20, 2018
    risk 0.64cvss 9.8epss 0.05

    Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs.

  • CVE-2018-4996CriJul 9, 2018
    risk 0.64cvss 9.8epss 0.09

    Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-13410CriJul 6, 2018
    risk 0.64cvss 9.8epss 0.04

    Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic…

  • CVE-2018-12882CriJun 26, 2018
    risk 0.64cvss 9.8epss 0.07

    exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function.

  • CVE-2018-5155CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.03

    A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

  • CVE-2018-5154CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.03

    A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

  • CVE-2018-5148CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.03

    A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.7.3 and Firefox < 59.0.2.

  • CVE-2018-5128CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.02

    A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations. This results in a potentially exploitable crash. This vulnerability affects Firefox < 59.

  • CVE-2018-5104CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.07

    A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

  • CVE-2018-5103CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.03

    A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

  • CVE-2018-5102CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.07

    A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

  • CVE-2018-5099CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.03

    A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used. This vulnerability affects Thunderbird < 52.6, Firefox…

  • CVE-2018-5098CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.03

    A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

  • CVE-2018-5097CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.07

    A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox…

  • CVE-2018-5096CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.03

    A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Thunderbird < 52.6.

  • CVE-2018-5092CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.02

    A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerability affects Firefox < 58.

  • CVE-2018-5091CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.03

    A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Firefox < 58.

  • CVE-2017-7828CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.07

    A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and…

  • CVE-2017-7819CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.03

    A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and…