CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,670 vulnerabilities with CWE-416
CVE-2018-17661 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Host Object messageBox Method
CVSS 8.8
CVE-2018-17660 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Host Object resetData Method
CVSS 8.8
CVE-2018-17659 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Host Object Title Property
CVSS 8.8
CVE-2018-17658 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Host Object Response Property
CVSS 8.8
CVE-2018-17657 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via gotoURL Method Use-After-Free
CVSS 8.8
CVE-2018-17656 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField getDisplayItem Use-After-Free
CVSS 8.8
CVE-2018-17655 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Form Object Use-After-Free
CVSS 8.8
CVE-2018-17654 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Form Object Use-After-Free
CVSS 8.8
CVE-2018-17653 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField resolveNode Method
CVSS 8.8
CVE-2018-17652 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField Mandatory Property Handling
CVSS 8.8
CVE-2018-17651 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField getItemState Use-After-Free
CVSS 8.8
CVE-2018-17650 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField resolveNodes Method
CVSS 8.8
CVE-2018-17649 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField setAttribute Use-After-Free
CVSS 8.8
CVE-2018-17648 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField Rotate Property
CVSS 8.8
CVE-2018-17647 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField boundItem Use-After-Free
CVSS 8.8
CVE-2018-17646 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField fillColor Property
CVSS 8.8
CVE-2018-17645 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField vAlign Property
CVSS 8.8
CVE-2018-17644 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField addItem Use-After-Free
CVSS 8.8
CVE-2018-17643 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField editValue Use-After-Free
CVSS 8.8
CVE-2018-17642 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField colSpan Property
CVSS 8.8
CVE-2018-17641 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via TimeField deleteItem Use-After-Free
CVSS 8.8
CVE-2018-17640 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Form Count Property
CVSS 8.8
CVE-2018-17639 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via setElement Method
CVSS 8.8
CVE-2018-17638 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via getAttribute Use-After-Free
CVSS 8.8
CVE-2018-17637 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via loadXML Method
CVSS 8.8
Details
Vulnerabilities 7,670
Exploit Likelihood High