Use After Free

Use-After-Free vulnerabilities are a type of memory corruption flaw that can be leveraged by hackers to execute arbitrary code.

Use After Free specifically refers to the attempt to access memory after it has been freed, which can cause a program to crash or, in the case of a Use-After-Free flaw, can potentially result in the execution of arbitrary code or even enable full remote code execution capabilities.

The Specifics of Use-After-Free Memory Corruption

According to the Use After Free definition on the Common Weakness Enumeration (CWE) website, a Use After Free scenario can occur when “the memory in question is allocated to another pointer validly at some point after it has been freed. The original pointer to the freed memory is used again and points to somewhere within the new allocation. As the data is changed, it corrupts the validly used memory; this induces undefined behavior in the process.”

Use After Free Flaws and Microsoft’s IE Browser

Use After Free flaws have gained attention in recent years, particularly in association with Microsoft and its Internet Explorer web browser, which has received numerous security patches to update a variety of Use-After-Free security vulnerabilities.

Forrest Stroud
Forrest Stroud
Forrest is a writer for Webopedia. Experienced, entrepreneurial, and well-rounded, he has 15+ years covering technology, business software, website design, programming, and more.

Top Articles

List of Windows Operating System Versions & History [In Order]

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

What are the Five Generations of Computers? (1st to 5th)

Reviewed by Web Webster Each generation of computer has brought significant advances in speed and power to computing tasks. Learn about each of the...

Hotmail [Outlook] Email Accounts

Launched in 1996, Hotmail was one of the first public webmail services that could be accessed from any web browser. At its peak in...

Conti Ransomware

Conti ransomware first emerged in 2020. It uses a ransomware as a service...

Crypt888 Ransomware

Crypt888, also known as Mircop, is ransomware that encrypts files on desktops, downloads,...

AutoLocky Ransomware

AutoLocky is ransomware written in the popular AutoIt scripting language. It uses strong...