Vulnerabilities > Use After Free

DATE CVE VULNERABILITY TITLE RISK
2011-01-28 CVE-2010-3451 Use After Free vulnerability in multiple products
Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document.
network
apache canonical debian CWE-416
critical
9.3
2011-01-14 CVE-2011-0475 USE After Free vulnerability in Google Chrome and Chrome OS
Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a PDF document.
network
low complexity
google CWE-416
critical
9.3
2010-12-07 CVE-2010-4493 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events.
4.3
2010-12-07 CVE-2010-4492 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations.
network
low complexity
google debian CWE-416
7.5
2010-11-17 CVE-2010-4168 Use After Free vulnerability in multiple products
Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp.
network
low complexity
openttd fedoraproject CWE-416
7.5
2010-11-06 CVE-2010-4201 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text control selections.
network
low complexity
google CWE-416
7.5
2010-11-06 CVE-2010-4197 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing.
network
low complexity
google webkitgtk fedoraproject CWE-416
7.5
2010-11-05 CVE-2010-3962 Use After Free vulnerability in Microsoft Internet Explorer 6/7/8
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.
network
microsoft CWE-416
critical
9.3
2010-11-05 CVE-2010-2941 Use After Free vulnerability in multiple products
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
network
low complexity
apple fedoraproject canonical debian opensuse suse redhat CWE-416
critical
9.8
2010-10-13 CVE-2010-3328 Use After Free vulnerability in Microsoft Internet Explorer 6/7/8
Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitialized Memory Corruption Vulnerability."
network
low complexity
microsoft CWE-416
8.8