The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
7,684 vulnerabilities with CWE-416
CVE-2010-1825
Google Chrome < 6.0.472.59 - Use-After-Free via Nested SVG Elements
CVE-2010-1824
Google Chrome < 6.0.472.59 - Use-After-Free via SVG Style Handling
CVE-2010-1823
Google Chrome < 6.0.472.59 - Use-After-Free via Document API During Parsing
CVE-2010-1772
HIGH
Google Chrome < 5.0.375.70 - Use-After-Free in Geolocation Timer Handling
CVSS 8.8
CVE-2010-3257
WebKit <4.1.3-5.0.3 - Use After Free
CVE-2010-3252
Google Chrome <6.0.472.53 - Memory Corruption
CVE-2010-3116
WebKit <4.1.3-5.0.3 - Use After Free
CVE-2010-2547
HIGH
GnuPG 2.0.0-2.0.16 - Use-After-Free in Keybox Blob Certificate Handling
CVSS 8.1
CVE-2010-2753
HIGH
Mozilla Firefox <3.5.11 & <3.6.7 - RCE
CVSS 8.8
CVE-2010-1208
HIGH
Mozilla Firefox <3.5.11 & SeaMonkey <2.0.6 - Use After Free
CVSS 8.8
CVE-2010-2302
Google Chrome < 5.0.375.70 - Use-After-Free via Remote Fonts with Shadow DOM Trees
CVE-2010-2300
Google Chrome < 5.0.375.70 - Use-After-Free in Element::normalizeAttributes
CVE-2010-1437
HIGH
Linux Kernel < 2.6.34 - Race Condition in Keyring Deletion
CVSS 7.0
CVE-2010-0629
MEDIUM
MIT Kerberos 5 1.5-1.6.3 - Authenticated Denial of Service via Invalid API Version Number
CVSS 6.5
CVE-2010-0050
HIGH
Apple Safari < 4.0.5 - Use-After-Free via Improperly Nested HTML Tags
CVSS 8.8
CVE-2010-0806
HIGH
KEV
Microsoft Internet Explorer <7 - Use After Free
CVSS 8.8
CVE-2010-0302
HIGH
CUPS < 1.4.4 - Use-After-Free in File Descriptor Handling
CVSS 7.5
CVE-2010-0248
HIGH
Microsoft Internet Explorer 6, 6 SP1, 7, 8 - Remote Code Execution via Memory Corruption
CVSS 8.1
CVE-2010-0378
HIGH
Adobe Flash Player 6.0.79 - Remote Code Execution via Movie Unloading
CVSS 8.8
CVE-2010-0249
HIGH
KEV
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 - Use-After-Free via HTML Object Memory Corruption
CVSS 8.8
CVE-2009-4324
HIGH
KEV
Adobe Reader/Acrobat <9.3-8.2 - RCE
CVSS 7.8
CVE-2009-3671
HIGH
Internet Explorer 8 - Remote Code Execution via Uninitialized Memory Corruption
CVSS 8.1
CVE-2009-3553
HIGH
CUPS 1.3.7 and 1.3.10 - Use-After-Free in File-Descriptor Handling
CVSS 7.5
CVE-2009-3616
CRITICAL
QEMU < 0.10.6 - Use-After-Free in VNC Server via Client Disconnect or Fuzzy Screen Mode
CVSS 9.9
CVE-2009-3658
HIGH
AOL SuperBuddy ActiveX Control - Use-After-Free via SetSuperBuddy Method
CVSS 8.8
Details
Vulnerabilities
7,684
Exploit Likelihood
High