CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,684 vulnerabilities with CWE-416
CVE-2014-0322 HIGH KEV
MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free
CVSS 8.8
CVE-2014-1486 CRITICAL
Firefox < 27.0 - Remote Code Execution via imgRequestProxy Use-After-Free
CVSS 9.8
CVE-2014-0496 HIGH KEV
Adobe Reader/Acrobat <10.1.9, <11.0.06 - Use After Free
CVSS 8.8
CVE-2013-2830 HIGH
SumatraPDF 2.0-2.2.1 - Use-After-Free via Crafted PDF File
CVSS 7.8
CVE-2013-6647 CRITICAL
Google Chrome - Use-After-Free in AnimationController::endAnimationUpdate
CVSS 9.8
CVE-2013-6646
Google Chrome < 32.0.1700.77 - Use-After-Free in Web Workers
CVE-2013-6645
Google Chrome < 32.0.1700.76 - Use-After-Free in Web Contents View Aura
CVE-2013-6644
Google Chrome < 32.0.1700.77 - Use-After-Free
CVE-2013-6641
Google Chrome < 32.0.1700.77 - Use-After-Free in FormAssociatedElement
CVE-2013-5618 CRITICAL
Firefox < 26.0 - Use-After-Free in Table-Editing User Interface
CVSS 9.8
CVE-2013-5616 CRITICAL
Firefox < 26.0 - Use-After-Free in nsEventListenerManager
CVSS 9.8
CVE-2013-5613 CRITICAL
Firefox < 26.0 - Use-After-Free via Synthetic Mouse Movement
CVSS 9.8
CVE-2013-5056
Microsoft Scripting Runtime Object Library - Use After Free
CVE-2013-4560
lighttpd < 1.4.33 - Use-After-Free via FAMMonitorDirectory Failure
CVE-2013-3897 HIGH KEV
Internet Explorer 6-11 - Remote Code Execution via CDisplayPointer Use-After-Free
CVSS 8.8
CVE-2013-3893 HIGH KEV
Microsoft Internet Explorer 6-11 - Remote Code Execution via SetMouseCapture Use-After-Free
CVSS 8.8
CVE-2013-2873
Google Chrome <28.0.1500.71 - Use After Free
CVE-2013-1340 HIGH
Windows Multiple Versions - Privilege Escalation via Win32k.sys
CVSS 8.4
CVE-2013-2860
Google Chrome <27.0.1453.110 - Use After Free
CVE-2013-2858
Google Chrome <27.0.1453.110 - Use After Free
CVE-2013-2857
Google Chrome <27.0.1453.110 - Use After Free
CVE-2013-2856
Google Chrome <27.0.1453.110 - Use After Free
CVE-2013-1312
Microsoft Internet Explorer <10 - Use After Free
CVE-2013-1311
Microsoft Internet Explorer 8 - Use After Free
CVE-2013-1310
Microsoft Internet Explorer <7 - Use After Free
Details
Vulnerabilities 7,684
Exploit Likelihood High