CWE-761 – Free of Pointer not at Start of Buffer | Common Weakness Enumeration（CWE）

概要

CWE-761（Free of Pointer not at Start of Buffer）は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。

The product calls free() on a pointer to a memory resource that was allocated on the heap, but the pointer is not at the start of the buffer.

種別	名称	クラス	普遍性	OS / CPE
language	—	Memory-Unsafe	Often	—
language	C	—	Undetermined	—

これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。

CVE	公開	概要
CVE-2025-47749	2025-05-19	V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to …
CVE-2024-31413	2024-05-01	Free of pointer not at start of buffer vulnerability exists in CX-One CX-One CXONE-AL[][]D-V4 (The version which was installed with a DVD ver. 4.61.1 or lower, and was updated through CX-One V4 auto u…

日付	名称	バージョン	重要度	コメント
2010-09-27	CWE Content Team	1.10	—	updated Relationships
2011-06-01	CWE Content Team	1.13	—	updated Common_Consequences
2012-05-11	CWE Content Team	2.2	—	updated Demonstrative_Examples, Relationships
2012-10-30	CWE Content Team	2.3	—	updated Potential_Mitigations
2014-02-18	CWE Content Team	2.6	—	updated Potential_Mitigations
2014-07-30	CWE Content Team	2.8	—	updated Relationships, Taxonomy_Mappings
2020-02-24	CWE Content Team	4.0	—	updated Relationships
2020-12-10	CWE Content Team	4.3	—	updated Relationships
2021-03-15	CWE Content Team	4.4	—	updated Observed_Examples
2023-01-31	CWE Content Team	4.10	—	updated Description
2023-04-27	CWE Content Team	4.11	—	updated References, Relationships
2023-06-29	CWE Content Team	4.12	—	updated Mapping_Notes
2025-09-09	CWE Content Team	4.18	—	updated Functional_Areas, References
2025-12-11	CWE Content Team	4.19	—	updated Applicable_Platforms, Detection_Factors, Potential_Mitigations, References, Weakness_Ordinalities
2026-04-30	CWE Content Team	4.20	—	updated Detection_Factors