Vulnerabilities > Use After Free

DATE CVE VULNERABILITY TITLE RISK
2009-03-02 CVE-2009-0749 Use After Free vulnerability in multiple products
Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed.
local
low complexity
optipng-project suse opensuse CWE-416
7.8
2008-11-12 CVE-2008-5038 Use After Free vulnerability in Novell Edirectory
Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.
network
low complexity
novell CWE-416
critical
9.8
2008-02-12 CVE-2008-0077 Use After Free vulnerability in Microsoft Internet Explorer 6/7
Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."
network
low complexity
microsoft CWE-416
8.8
2007-07-21 CVE-2007-3929 Use After Free vulnerability in Opera Browser
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object.
network
opera CWE-416
critical
9.3
2006-10-10 CVE-2006-4997 Use After Free vulnerability in multiple products
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).
network
low complexity
linux canonical redhat CWE-416
7.5
2006-08-29 CVE-2006-4434 Use After Free vulnerability in Sendmail
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced.
network
low complexity
sendmail CWE-416
7.5