CVE-2011-10034
BaseFortify
Publication date: 2025-11-12
Last updated on: 2025-11-13
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| automgen | automgen | 8.0.0.7 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in AUTOMGEN versions up to 8.0.0.7, where the project file handling code frees an object but then continues to use a stale pointer to that object. This dangling-pointer use allows an attacker to manipulate an indirect call via attacker-controlled memory, which can cause a denial-of-service and, under certain conditions, may allow remote code execution.
How can this vulnerability impact me? :
The vulnerability can lead to denial-of-service attacks, disrupting the availability of the affected system. Additionally, in some cases, it may allow an attacker to execute code remotely, potentially compromising the system's security and control.