CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
CVE-2023-27379 (GCVE-0-2023-27379)
Vulnerability from cvelistv5 – Published: 2023-07-19 13:16 – Updated: 2024-08-02 12:09- CWE-416 - Use After Free
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit | Foxit Reader |
Affected:
12.1.2.15332
|
|
| foxit | pdf_reader |
Affected:
12.1.2.15332
cpe:2.3:a:foxit:pdf_reader:12.1.2.15332:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1756"
},
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1756",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1756"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:foxit:pdf_reader:12.1.2.15332:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pdf_reader",
"vendor": "foxit",
"versions": [
{
"status": "affected",
"version": "12.1.2.15332"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T21:02:40.218691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T21:04:03.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Foxit Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "12.1.2.15332"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Aleksandar Nikolic and Kamlapati Choubey of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the JavaScript engine of Foxit Software\u2019s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-19T17:00:10.411Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1756",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1756"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-27379",
"datePublished": "2023-07-19T13:16:37.729Z",
"dateReserved": "2023-06-02T22:10:21.809Z",
"dateUpdated": "2024-08-02T12:09:43.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27366 (GCVE-0-2023-27366)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-08-02 12:09- CWE-416 - Use After Free
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit | PDF Reader |
Affected:
12.1.0.15250
|
|
| foxit | pdf_reader |
Affected:
- , ≤ 10.1.11.37866
(custom)
cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pdf_reader",
"vendor": "foxit",
"versions": [
{
"lessThanOrEqual": "10.1.11.37866",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27366",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-06T15:13:26.315067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:24:47.095Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-494",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-494/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "12.1.0.15250"
}
]
}
],
"dateAssigned": "2023-02-28T18:05:54.126Z",
"datePublic": "2023-05-01T21:29:36.818Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20225."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:56:16.688Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-494",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-494/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Suyue Guo and Wei You from Renmin University of China"
},
"title": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-27366",
"datePublished": "2024-05-03T01:56:16.688Z",
"dateReserved": "2023-02-28T17:58:45.485Z",
"dateUpdated": "2024-08-02T12:09:43.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27352 (GCVE-0-2023-27352)
Vulnerability from cvelistv5 – Published: 2023-04-20 00:00 – Updated: 2025-02-05 14:28- CWE-416 - Use After Free
| Vendor | Product | Version | |
|---|---|---|---|
| Sonos | One Speaker |
Affected:
70.3-35220
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-447/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27352",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T14:28:31.703726Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T14:28:36.000Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "One Speaker",
"vendor": "Sonos",
"versions": [
{
"status": "affected",
"version": "70.3-35220"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Toan (suto) Pham and Tri Dang from Qrious Secure"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB directory query command. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19845."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T00:00:00.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-447/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-27352",
"datePublished": "2023-04-20T00:00:00.000Z",
"dateReserved": "2023-02-28T00:00:00.000Z",
"dateUpdated": "2025-02-05T14:28:36.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27348 (GCVE-0-2023-27348)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-08-02 12:09- CWE-416 - Use After Free
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://www.tracker-software.com/product/pdf-xcha… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| PDF-XChange | PDF-XChange Editor |
Affected:
9.4.364.0
|
|
| pdf-xchange | pdf-xchange_editor |
Affected:
9.4.364.0
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:9.4.364.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pdf-xchange:pdf-xchange_editor:9.4.364.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pdf-xchange_editor",
"vendor": "pdf-xchange",
"versions": [
{
"status": "affected",
"version": "9.4.364.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27348",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T17:10:41.259266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:24:54.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-358",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-358/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF-XChange Editor",
"vendor": "PDF-XChange",
"versions": [
{
"status": "affected",
"version": "9.4.364.0"
}
]
}
],
"dateAssigned": "2023-02-28T18:05:54.025Z",
"datePublic": "2023-03-31T20:32:13.517Z",
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor TIF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of TIF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19108."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:56:07.324Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-358",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-358/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
}
],
"source": {
"lang": "en",
"value": "Rocco Calvi (@TecR0c) with TecSecurity"
},
"title": "PDF-XChange Editor TIF File Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-27348",
"datePublished": "2024-05-03T01:56:07.324Z",
"dateReserved": "2023-02-28T17:58:45.480Z",
"dateUpdated": "2024-08-02T12:09:43.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27338 (GCVE-0-2023-27338)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09- CWE-416 - Use After Free
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://www.tracker-software.com/product/pdf-xcha… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| PDF-XChange | PDF-XChange Editor |
Affected:
9.4.363.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:07:32.952326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:24:55.760Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-350",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-350/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF-XChange Editor",
"vendor": "PDF-XChange",
"versions": [
{
"status": "affected",
"version": "9.4.363.0"
}
]
}
],
"dateAssigned": "2023-02-28T18:05:53.970Z",
"datePublic": "2023-03-31T20:31:28.330Z",
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor TIF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of TIF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18612."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:55:59.953Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-350",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-350/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "PDF-XChange Editor TIF File Parsing Use-After-Free Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-27338",
"datePublished": "2024-05-03T01:55:59.953Z",
"dateReserved": "2023-02-28T17:58:45.479Z",
"dateUpdated": "2024-08-02T12:09:43.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27331 (GCVE-0-2023-27331)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09- CWE-416 - Use After Free
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit | PDF Reader |
Affected:
12.0.2.12465
|
|
| foxit | pdf_reader |
Affected:
12.0.2.12465
cpe:2.3:a:foxit:pdf_reader:12.0.2:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:foxit:pdf_reader:12.0.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pdf_reader",
"vendor": "foxit",
"versions": [
{
"status": "affected",
"version": "12.0.2.12465"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27331",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-10T21:26:17.833151Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:24:47.505Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-225",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-225/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "12.0.2.12465"
}
]
}
],
"dateAssigned": "2023-02-28T18:05:53.930Z",
"datePublic": "2023-03-09T08:25:34.834Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19475."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:55:54.722Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-225",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-225/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-27331",
"datePublished": "2024-05-03T01:55:54.722Z",
"dateReserved": "2023-02-28T17:58:45.478Z",
"dateUpdated": "2024-08-02T12:09:43.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27330 (GCVE-0-2023-27330)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09- CWE-416 - Use After Free
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit | PDF Reader |
Affected:
12.0.2.12465
|
|
| foxit | pdf_reader |
Affected:
0 , ≤ 10.1.10.37854
(custom)
Affected: 11 , ≤ 11.2.4.53774 (custom) Affected: 12 , ≤ 12.1.0.15250 (custom) cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pdf_reader",
"vendor": "foxit",
"versions": [
{
"lessThanOrEqual": "10.1.10.37854",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.4.53774",
"status": "affected",
"version": "11",
"versionType": "custom"
},
{
"lessThanOrEqual": "12.1.0.15250",
"status": "affected",
"version": "12",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-05T18:22:32.295123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T21:07:19.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:42.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-226",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-226/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "12.0.2.12465"
}
]
}
],
"dateAssigned": "2023-02-28T18:05:53.922Z",
"datePublic": "2023-03-09T08:25:43.802Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader XFA Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19476."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:55:53.993Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-226",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-226/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Foxit PDF Reader XFA Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-27330",
"datePublished": "2024-05-03T01:55:53.993Z",
"dateReserved": "2023-02-28T17:58:45.478Z",
"dateUpdated": "2024-08-02T12:09:42.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27329 (GCVE-0-2023-27329)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09- CWE-416 - Use After Free
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit | PDF Reader |
Affected:
12.0.2.12465
|
|
| foxit | pdf_reader |
Affected:
-
cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pdf_reader",
"vendor": "foxit",
"versions": [
{
"status": "affected",
"version": "-"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27329",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T17:40:51.567917Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:24:52.414Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-227",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-227/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "12.0.2.12465"
}
]
}
],
"dateAssigned": "2023-02-28T18:05:53.915Z",
"datePublic": "2023-03-09T08:25:52.085Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19477."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:55:53.200Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-227",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-227/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-27329",
"datePublished": "2024-05-03T01:55:53.200Z",
"dateReserved": "2023-02-28T17:58:45.478Z",
"dateUpdated": "2024-08-02T12:09:43.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26589 (GCVE-0-2023-26589)
Vulnerability from cvelistv5 – Published: 2023-11-14 19:04 – Updated: 2024-08-30 15:22- denial of service
- CWE-416 - Use after free
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Aptio* V UEFI Firmware Integrator Tools |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:53:54.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26589",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T15:01:26.173202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T15:22:29.533Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Aptio* V UEFI Firmware Integrator Tools",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use after free in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allowed an authenticated user to potentially enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
},
{
"cweId": "CWE-416",
"description": "Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T19:04:51.170Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-26589",
"datePublished": "2023-11-14T19:04:51.170Z",
"dateReserved": "2023-03-29T03:00:02.560Z",
"dateUpdated": "2024-08-30T15:22:29.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26426 (GCVE-0-2023-26426)
Vulnerability from cvelistv5 – Published: 2023-03-22 00:00 – Updated: 2024-08-02 13:15- CWE-416 - Use After Free (CWE-416)
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Illustrator |
Affected:
unspecified , ≤ 26.5.2
(custom)
Affected: unspecified , ≤ 27.2.0 (custom) Affected: unspecified , ≤ None (custom) |
|
| adobe | illustrator |
Affected:
0 , ≤ 27.2.0
(custom)
cpe:2.3:a:adobe:illustrator:*:*:*:*:*:windows:*:* |
|
| adobe | illustrator |
Affected:
0 , ≤ 27.2.0
(custom)
cpe:2.3:a:adobe:illustrator:*:*:*:*:*:macos:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/illustrator/apsb23-19.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:illustrator:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "illustrator",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "27.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:illustrator:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "unknown",
"product": "illustrator",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "27.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26426",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T12:54:33.330167Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T13:15:10.407Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Illustrator",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "26.5.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "27.2.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-22T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb23-19.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Illustrator (Beta) has a UAF vulnerability when parsing SVG files Arbitrary code execution"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26426",
"datePublished": "2023-03-22T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2024-08-02T13:15:10.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.