CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,670 vulnerabilities with CWE-416
CVE-2018-17689 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Radio Button fillColor Property
CVSS 8.8
CVE-2018-17688 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via ComboBox setItems Method
CVSS 8.8
CVE-2018-17687 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Radio Button exportValues Property
CVSS 8.8
CVE-2018-17684 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via isPropertySpecified Use-After-Free
CVSS 8.8
CVE-2018-17683 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via createIcon Method Use-After-Free
CVSS 8.8
CVE-2018-17682 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Annotation Delay Property
CVSS 8.8
CVE-2018-17681 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via getPageBox Method Use-After-Free
CVSS 8.8
CVE-2018-17680 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Field Object Style Property
CVSS 8.8
CVE-2018-17679 HIGH
Foxit Reader 9.2.0.9297 - Use After Free
CVSS 8.8
CVE-2018-17678 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via gotoNamedDest Method Use-After-Free
CVSS 8.8
CVE-2018-17677 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via app.mailDoc Use-After-Free
CVSS 8.8
CVE-2018-17676 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via removeField Property Use-After-Free
CVSS 8.8
CVE-2018-17675 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Use-After-Free via removeDataObject Method
CVSS 8.8
CVE-2018-17674 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Annotation Object Name Property
CVSS 8.8
CVE-2018-17673 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Annotation Subtype Handling
CVSS 8.8
CVE-2018-17672 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Array Index Handling
CVSS 8.8
CVE-2018-17670 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via XFA Object Handling
CVSS 8.8
CVE-2018-17669 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Use-After-Free via XFA Object Name Property
CVSS 8.8
CVE-2018-17668 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via XFA removeAttribute Use-After-Free
CVSS 8.8
CVE-2018-17667 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Host Object Print Method
CVSS 8.8
CVE-2018-17666 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Host Object ExportData Method
CVSS 8.8
CVE-2018-17665 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Host Object currentPage Property
CVSS 8.8
CVE-2018-17664 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via XFA isCompatibleNS Method
CVSS 8.8
CVE-2018-17663 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Host Object importData Method
CVSS 8.8
CVE-2018-17662 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Host Object Beep Method
CVSS 8.8
Details
Vulnerabilities 7,670
Exploit Likelihood High