Search criteria
12 vulnerabilities found for mdnsresponder by apple
VAR-200701-0340
Vulnerability from variot - Updated: 2024-07-23 20:27The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries. A vulnerability in the way Apple Mac OS X handles corrupted Universal Mach-O Binaries may result in execution of arbitrary code or denial of service. Apple iChat is prone to multiple remote denial-of-service vulnerabilities. These issues affect the Bonjour functionality. Apple iChat 3.1.6 is reported affected; other versions may be vulnerable as well. Apple iChat is a video chat tool bundled with Apple's family of operating systems. Several denial-of-service vulnerabilities exist in iChat's Bonjour feature, which allows automatic discovery of computers. There are no restrictions on finding available contacts via mDNS queries, iChat will add the broadcasted _presence._tcp record even if the contact does not exist, so a malicious user can broadcast a fake record so that iChat users using Bonjour cannot discover more peers, unable to communicate reliably. In addition, the iChat agent may have an exception when processing a specially crafted TXT key hash, resulting in a crash when sending a SIGTRAP signal to the process. Trying to start iChat Bonjour again will fail because mDNSResponder keeps a specially crafted record.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: Mac OS X Mach-O Universal Binary Memory Corruption
SECUNIA ADVISORY ID: SA23088
VERIFY ADVISORY: http://secunia.com/advisories/23088/
CRITICAL: Less critical
IMPACT: DoS, System access
WHERE: Local system
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: LMH has reported a vulnerability in Mac OS X, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
The vulnerability is caused due to an error in the fatfile_getarch2() function. This can be exploited to cause an integer overflow and may potentially allow execution of arbitrary code with kernel privileges via a specially crafted Mach-O Universal binary.
The vulnerability is reported in a fully patched Mac OS X (2006-11-26).
SOLUTION: Grant only trusted users access to affected systems.
PROVIDED AND/OR DISCOVERED BY: LMH
ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-26-11-2006.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0340",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ichat",
"scope": "eq",
"trust": 2.7,
"vendor": "apple",
"version": "3.1.6"
},
{
"model": "instant message framework",
"scope": "eq",
"trust": 2.4,
"vendor": "apple",
"version": "428"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": "mdnsresponder",
"scope": null,
"trust": 1.4,
"vendor": "apple",
"version": null
},
{
"model": "mdnsresponder",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#346656"
},
{
"db": "CERT/CC",
"id": "VU#765096"
},
{
"db": "BID",
"id": "22304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001482"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-592"
},
{
"db": "NVD",
"id": "CVE-2007-0613"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:ichat:3.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:instant_message_framework:428:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:mdnsresponder:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0613"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LMH lmh@info-pull.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-592"
}
],
"trust": 0.6
},
"cve": "CVE-2007-0613",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-0613",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-23975",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-0613",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#346656",
"trust": 0.8,
"value": "17.10"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#765096",
"trust": 0.8,
"value": "5.18"
},
{
"author": "CNNVD",
"id": "CNNVD-200701-592",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-23975",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#346656"
},
{
"db": "CERT/CC",
"id": "VU#765096"
},
{
"db": "VULHUB",
"id": "VHN-23975"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001482"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-592"
},
{
"db": "NVD",
"id": "CVE-2007-0613"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries. A vulnerability in the way Apple Mac OS X handles corrupted Universal Mach-O Binaries may result in execution of arbitrary code or denial of service. Apple iChat is prone to multiple remote denial-of-service vulnerabilities. These issues affect the Bonjour functionality. \nApple iChat 3.1.6 is reported affected; other versions may be vulnerable as well. Apple iChat is a video chat tool bundled with Apple\u0027s family of operating systems. Several denial-of-service vulnerabilities exist in iChat\u0027s Bonjour feature, which allows automatic discovery of computers. There are no restrictions on finding available contacts via mDNS queries, iChat will add the broadcasted _presence._tcp record even if the contact does not exist, so a malicious user can broadcast a fake record so that iChat users using Bonjour cannot discover more peers, unable to communicate reliably. In addition, the iChat agent may have an exception when processing a specially crafted TXT key hash, resulting in a crash when sending a SIGTRAP signal to the process. Trying to start iChat Bonjour again will fail because mDNSResponder keeps a specially crafted record. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nMac OS X Mach-O Universal Binary Memory Corruption\n\nSECUNIA ADVISORY ID:\nSA23088\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/23088/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\nLocal system\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nLMH has reported a vulnerability in Mac OS X, which can be exploited\nby malicious, local users to cause a DoS (Denial of Service) or\npotentially gain escalated privileges. \n\nThe vulnerability is caused due to an error in the fatfile_getarch2()\nfunction. This can be exploited to cause an integer overflow and may\npotentially allow execution of arbitrary code with kernel privileges\nvia a specially crafted Mach-O Universal binary. \n\nThe vulnerability is reported in a fully patched Mac OS X\n(2006-11-26). \n\nSOLUTION:\nGrant only trusted users access to affected systems. \n\nPROVIDED AND/OR DISCOVERED BY:\nLMH\n\nORIGINAL ADVISORY:\nhttp://projects.info-pull.com/mokb/MOKB-26-11-2006.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0613"
},
{
"db": "CERT/CC",
"id": "VU#346656"
},
{
"db": "CERT/CC",
"id": "VU#765096"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001482"
},
{
"db": "BID",
"id": "22304"
},
{
"db": "VULHUB",
"id": "VHN-23975"
},
{
"db": "PACKETSTORM",
"id": "52529"
}
],
"trust": 3.51
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-23975",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23975"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-0613",
"trust": 2.8
},
{
"db": "BID",
"id": "22304",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "32698",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "32699",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "24479",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1017751",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23088",
"trust": 0.9
},
{
"db": "BID",
"id": "21291",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#346656",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22808",
"trust": 0.8
},
{
"db": "BID",
"id": "20982",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#765096",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001482",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200701-592",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "3230",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-23975",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52529",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#346656"
},
{
"db": "CERT/CC",
"id": "VU#765096"
},
{
"db": "VULHUB",
"id": "VHN-23975"
},
{
"db": "BID",
"id": "22304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001482"
},
{
"db": "PACKETSTORM",
"id": "52529"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-592"
},
{
"db": "NVD",
"id": "CVE-2007-0613"
}
]
},
"id": "VAR-200701-0340",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23975"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:27:11.499000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update 2007-002",
"trust": 0.8,
"url": "http://support.apple.com/kb/ta24579?viewlocale=en_us"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001482"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0613"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://projects.info-pull.com/moab/moab-29-01-2007.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/22304"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/32698"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/32699"
},
{
"trust": 1.6,
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/24479/"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/alerts/2007/mar/1017751.html"
},
{
"trust": 0.9,
"url": "http://projects.info-pull.com/mokb/mokb-26-11-2006.html"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/23088/"
},
{
"trust": 0.8,
"url": "http://projects.info-pull.com/mokb/bug-files/mokb-26-11-2006.bz2"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/21291"
},
{
"trust": 0.8,
"url": "http://projects.info-pull.com/mokb/mokb-09-11-2006.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22808/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20982"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0613"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0613"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=305102"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ichat/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/96/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#346656"
},
{
"db": "CERT/CC",
"id": "VU#765096"
},
{
"db": "VULHUB",
"id": "VHN-23975"
},
{
"db": "BID",
"id": "22304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001482"
},
{
"db": "PACKETSTORM",
"id": "52529"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-592"
},
{
"db": "NVD",
"id": "CVE-2007-0613"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#346656"
},
{
"db": "CERT/CC",
"id": "VU#765096"
},
{
"db": "VULHUB",
"id": "VHN-23975"
},
{
"db": "BID",
"id": "22304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001482"
},
{
"db": "PACKETSTORM",
"id": "52529"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-592"
},
{
"db": "NVD",
"id": "CVE-2007-0613"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-14T00:00:00",
"db": "CERT/CC",
"id": "VU#346656"
},
{
"date": "2007-03-14T00:00:00",
"db": "CERT/CC",
"id": "VU#765096"
},
{
"date": "2007-01-31T00:00:00",
"db": "VULHUB",
"id": "VHN-23975"
},
{
"date": "2007-01-29T00:00:00",
"db": "BID",
"id": "22304"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001482"
},
{
"date": "2006-11-28T00:52:20",
"db": "PACKETSTORM",
"id": "52529"
},
{
"date": "2007-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-592"
},
{
"date": "2007-01-31T11:28:00",
"db": "NVD",
"id": "CVE-2007-0613"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-30T00:00:00",
"db": "CERT/CC",
"id": "VU#346656"
},
{
"date": "2007-07-21T00:00:00",
"db": "CERT/CC",
"id": "VU#765096"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-23975"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "22304"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001482"
},
{
"date": "2007-02-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-592"
},
{
"date": "2008-09-05T21:18:21.727000",
"db": "NVD",
"id": "CVE-2007-0613"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-592"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X fails to properly handle corrupted Universal Mach-O Binaries",
"sources": [
{
"db": "CERT/CC",
"id": "VU#346656"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-592"
}
],
"trust": 0.6
}
}
VAR-201606-0032
Vulnerability from variot - Updated: 2023-12-18 13:44Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function. mDNSResponder provides unicast and multicast mDNS services on UNIX-like operating systems such as OS X. mDNSResponder version 379.27 and above prior to version 625.41.2 is vulnerable to several buffer overflow vulnerabilities, as well as a null pointer dereference. mDNSResponder Contains a buffer overflow vulnerability. mDNSResponder is prone to multiple buffer-overflow vulnerabilities because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffer. Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0032",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "airport base station",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.9.5"
},
{
"model": "iphone os",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "9.0"
},
{
"model": "airport base station",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "7.7"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.11.0"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "9.1"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.9"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.5"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "2.1"
},
{
"model": "airport base station",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.11.1"
},
{
"model": "airport base station",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "7.6"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.0"
},
{
"model": "mdnsresponder",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "625.41.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.9,
"vendor": "apple",
"version": "2.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "airmac base station",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "airmac base station",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.6.7 earlier"
},
{
"model": "airmac base station",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.7.7 earlier"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "v10.10.5 and security updates 2015-004 yosemite earlier"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "v10.11.1 earlier"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "v10.9.5 and security updates 2015-007 mavericks earlier"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9.1 earlier"
},
{
"model": "mdnsresponder",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "379.27 or later 625.41.2"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "2.1 earlier"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.6.6"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.10.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.7.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.9.4"
},
{
"model": "mdnsresponder",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "576.30.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "30"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "40"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"model": "mdnsresponder",
"scope": "eq",
"trust": 0.3,
"vendor": "mdnsresponder",
"version": "379.27"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "50"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "solaris sru11.6",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.3"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.5.2"
},
{
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2015"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "mdnsresponder",
"scope": "ne",
"trust": 0.3,
"vendor": "mdnsresponder",
"version": "625.41.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#143335"
},
{
"db": "BID",
"id": "91323"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007208"
},
{
"db": "NVD",
"id": "CVE-2015-7987"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.9.5",
"versionStartIncluding": "10.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.10.5",
"versionStartIncluding": "10.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.11.1",
"versionStartIncluding": "10.11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1",
"versionStartIncluding": "9.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.7.7",
"versionStartIncluding": "7.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.6.7",
"versionStartIncluding": "7.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:apple:airport_base_station:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:mdnsresponder:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "625.41.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7987"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
],
"trust": 0.6
},
"cve": "CVE-2015-7987",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-7987",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85948",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-7987",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7987",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-473",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85948",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-7987",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85948"
},
{
"db": "VULMON",
"id": "CVE-2015-7987"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007208"
},
{
"db": "NVD",
"id": "CVE-2015-7987"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function. mDNSResponder provides unicast and multicast mDNS services on UNIX-like operating systems such as OS X. mDNSResponder version 379.27 and above prior to version 625.41.2 is vulnerable to several buffer overflow vulnerabilities, as well as a null pointer dereference. mDNSResponder Contains a buffer overflow vulnerability. mDNSResponder is prone to multiple buffer-overflow vulnerabilities because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffer. \nAttackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7987"
},
{
"db": "CERT/CC",
"id": "VU#143335"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007208"
},
{
"db": "BID",
"id": "91323"
},
{
"db": "VULHUB",
"id": "VHN-85948"
},
{
"db": "VULMON",
"id": "CVE-2015-7987"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#143335",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2015-7987",
"trust": 2.9
},
{
"db": "BID",
"id": "91323",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1036181",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU97008560",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007208",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-473",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-85948",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-7987",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#143335"
},
{
"db": "VULHUB",
"id": "VHN-85948"
},
{
"db": "VULMON",
"id": "CVE-2015-7987"
},
{
"db": "BID",
"id": "91323"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007208"
},
{
"db": "NVD",
"id": "CVE-2015-7987"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
]
},
"id": "VAR-201606-0032",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85948"
}
],
"trust": 0.48026314999999997
},
"last_update_date": "2023-12-18T13:44:13.194000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Bonjour for Developers",
"trust": 0.8,
"url": "https://developer.apple.com/bonjour/"
},
{
"title": "mDNSResponder",
"trust": 0.8,
"url": "http://opensource.apple.com/tarballs/mdnsresponder/"
},
{
"title": "HT206846",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht206846"
},
{
"title": "HT206846",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht206846"
},
{
"title": "mDNSResponder Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62400"
},
{
"title": "Apple: iOS 9.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=123f4c3a6e7427c916e120e518bda58a"
},
{
"title": "Apple: OS X El Capitan 10.11.1, Security Update\u00a02015-004 Yosemite, and Security Update 2015-007 Mavericks",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=fd51407c33ee29c59223888703327538"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7987"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007208"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85948"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007208"
},
{
"db": "NVD",
"id": "CVE-2015-7987"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/91323"
},
{
"trust": 1.2,
"url": "https://support.apple.com/ht206846"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1036181"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht206846"
},
{
"trust": 0.8,
"url": "http://www.opensource.apple.com/tarballs/mdnsresponder/"
},
{
"trust": 0.8,
"url": "https://developer.apple.com/bonjour/"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7987"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu97008560"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7987"
},
{
"trust": 0.3,
"url": "https://opensource.apple.com/tarballs/mdnsresponder/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#143335"
},
{
"db": "VULHUB",
"id": "VHN-85948"
},
{
"db": "VULMON",
"id": "CVE-2015-7987"
},
{
"db": "BID",
"id": "91323"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007208"
},
{
"db": "NVD",
"id": "CVE-2015-7987"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#143335"
},
{
"db": "VULHUB",
"id": "VHN-85948"
},
{
"db": "VULMON",
"id": "CVE-2015-7987"
},
{
"db": "BID",
"id": "91323"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007208"
},
{
"db": "NVD",
"id": "CVE-2015-7987"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-20T00:00:00",
"db": "CERT/CC",
"id": "VU#143335"
},
{
"date": "2016-06-26T00:00:00",
"db": "VULHUB",
"id": "VHN-85948"
},
{
"date": "2016-06-26T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7987"
},
{
"date": "2016-06-20T00:00:00",
"db": "BID",
"id": "91323"
},
{
"date": "2016-06-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007208"
},
{
"date": "2016-06-26T01:59:00.127000",
"db": "NVD",
"id": "CVE-2015-7987"
},
{
"date": "2016-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-20T00:00:00",
"db": "CERT/CC",
"id": "VU#143335"
},
{
"date": "2019-06-19T00:00:00",
"db": "VULHUB",
"id": "VHN-85948"
},
{
"date": "2019-06-19T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7987"
},
{
"date": "2016-08-30T12:00:00",
"db": "BID",
"id": "91323"
},
{
"date": "2016-06-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007208"
},
{
"date": "2019-06-19T16:27:53.997000",
"db": "NVD",
"id": "CVE-2015-7987"
},
{
"date": "2016-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "mDNSResponder contains multiple memory-based vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#143335"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-473"
}
],
"trust": 0.6
}
}
VAR-201606-0033
Vulnerability from variot - Updated: 2023-12-18 13:44The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. mDNSResponder provides unicast and multicast mDNS services on UNIX-like operating systems such as OS X. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. mDNSResponder is prone to a remote code-execution vulnerability. A security vulnerability exists in the 'handle_regservice_request' function of mDNSResponder versions prior to 625.41.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "airport base station",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.9.5"
},
{
"model": "iphone os",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "9.0"
},
{
"model": "airport base station",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "7.7"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.11.0"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "9.1"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.9"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.5"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "2.1"
},
{
"model": "airport base station",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.11.1"
},
{
"model": "airport base station",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "7.6"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.0"
},
{
"model": "mdnsresponder",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "625.41.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "airmac base station",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "airmac base station",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.6.7 earlier"
},
{
"model": "airmac base station",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.7.7 earlier"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "v10.10.5 and security updates 2015-004 yosemite earlier"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "v10.11.1 earlier"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "v10.9.5 and security updates 2015-007 mavericks earlier"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9.1 earlier"
},
{
"model": "mdnsresponder",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "379.27 or later 625.41.2"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "2.1 earlier"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.10.4"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.11.0"
},
{
"model": "airport base station",
"scope": null,
"trust": 0.6,
"vendor": "apple",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.9.4"
},
{
"model": "mdnsresponder",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "576.30.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#143335"
},
{
"db": "BID",
"id": "91325"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007209"
},
{
"db": "NVD",
"id": "CVE-2015-7988"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.11.1",
"versionStartIncluding": "10.11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.9.5",
"versionStartIncluding": "10.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.10.5",
"versionStartIncluding": "10.10.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.6.7",
"versionStartIncluding": "7.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.7.7",
"versionStartIncluding": "7.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:apple:airport_base_station:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:mdnsresponder:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "625.41.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7988"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "BID",
"id": "91325"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7988",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-7988",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-85949",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-7988",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7988",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-474",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-85949",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-7988",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85949"
},
{
"db": "VULMON",
"id": "CVE-2015-7988"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007209"
},
{
"db": "NVD",
"id": "CVE-2015-7988"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. mDNSResponder provides unicast and multicast mDNS services on UNIX-like operating systems such as OS X. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. mDNSResponder is prone to a remote code-execution vulnerability. A security vulnerability exists in the \u0027handle_regservice_request\u0027 function of mDNSResponder versions prior to 625.41.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7988"
},
{
"db": "CERT/CC",
"id": "VU#143335"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007209"
},
{
"db": "BID",
"id": "91325"
},
{
"db": "VULHUB",
"id": "VHN-85949"
},
{
"db": "VULMON",
"id": "CVE-2015-7988"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#143335",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2015-7988",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1036181",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU97008560",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007209",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-474",
"trust": 0.7
},
{
"db": "BID",
"id": "91325",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-85949",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-7988",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#143335"
},
{
"db": "VULHUB",
"id": "VHN-85949"
},
{
"db": "VULMON",
"id": "CVE-2015-7988"
},
{
"db": "BID",
"id": "91325"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007209"
},
{
"db": "NVD",
"id": "CVE-2015-7988"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
]
},
"id": "VAR-201606-0033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85949"
}
],
"trust": 0.48026314999999997
},
"last_update_date": "2023-12-18T13:44:13.230000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Bonjour for Developers",
"trust": 0.8,
"url": "https://developer.apple.com/bonjour/"
},
{
"title": "mDNSResponder",
"trust": 0.8,
"url": "http://opensource.apple.com/tarballs/mdnsresponder/"
},
{
"title": "HT206846",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht206846"
},
{
"title": "HT206846",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht206846"
},
{
"title": "mDNSResponder Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62401"
},
{
"title": "Apple: iOS 9.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=123f4c3a6e7427c916e120e518bda58a"
},
{
"title": "Apple: OS X El Capitan 10.11.1, Security Update\u00a02015-004 Yosemite, and Security Update 2015-007 Mavericks",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=fd51407c33ee29c59223888703327538"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7988"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007209"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007209"
},
{
"db": "NVD",
"id": "CVE-2015-7988"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"trust": 1.2,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"trust": 1.2,
"url": "https://support.apple.com/ht206846"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1036181"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht206846"
},
{
"trust": 0.8,
"url": "http://www.opensource.apple.com/tarballs/mdnsresponder/"
},
{
"trust": 0.8,
"url": "https://developer.apple.com/bonjour/"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7988"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu97008560"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7988"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/91325"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#143335"
},
{
"db": "VULHUB",
"id": "VHN-85949"
},
{
"db": "VULMON",
"id": "CVE-2015-7988"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007209"
},
{
"db": "NVD",
"id": "CVE-2015-7988"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#143335"
},
{
"db": "VULHUB",
"id": "VHN-85949"
},
{
"db": "VULMON",
"id": "CVE-2015-7988"
},
{
"db": "BID",
"id": "91325"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007209"
},
{
"db": "NVD",
"id": "CVE-2015-7988"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-20T00:00:00",
"db": "CERT/CC",
"id": "VU#143335"
},
{
"date": "2016-06-26T00:00:00",
"db": "VULHUB",
"id": "VHN-85949"
},
{
"date": "2016-06-26T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7988"
},
{
"date": "2016-06-20T00:00:00",
"db": "BID",
"id": "91325"
},
{
"date": "2016-06-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007209"
},
{
"date": "2016-06-26T01:59:01.503000",
"db": "NVD",
"id": "CVE-2015-7988"
},
{
"date": "2016-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-20T00:00:00",
"db": "CERT/CC",
"id": "VU#143335"
},
{
"date": "2019-06-19T00:00:00",
"db": "VULHUB",
"id": "VHN-85949"
},
{
"date": "2019-06-19T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7988"
},
{
"date": "2016-07-06T15:01:00",
"db": "BID",
"id": "91325"
},
{
"date": "2016-06-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007209"
},
{
"date": "2019-06-19T16:46:00.873000",
"db": "NVD",
"id": "CVE-2015-7988"
},
{
"date": "2016-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "mDNSResponder contains multiple memory-based vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#143335"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-474"
}
],
"trust": 0.6
}
}
FKIE_CVE-2015-7988
Vulnerability from fkie_nvd - Published: 2016-06-26 01:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/143335 | Third Party Advisory, US Government Resource | |
| cret@cert.org | http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html | Third Party Advisory | |
| cret@cert.org | http://www.securitytracker.com/id/1036181 | Third Party Advisory, VDB Entry | |
| cret@cert.org | https://support.apple.com/HT206846 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/143335 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036181 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT206846 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | iphone_os | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x | * | |
| apple | watchos | * | |
| apple | airport_base_station_firmware | * | |
| apple | airport_base_station_firmware | * | |
| apple | airport_base_station | * | |
| apple | mdnsresponder | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B99C6A-603B-4F24-909C-D46433F0C9C4",
"versionEndExcluding": "9.1",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB4AA7F-DAFA-42E8-90A9-9B7F103F9D4A",
"versionEndExcluding": "10.9.5",
"versionStartIncluding": "10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49284BF2-91CD-4528-968C-3995D532D443",
"versionEndExcluding": "10.10.5",
"versionStartIncluding": "10.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7DF95A-E481-4E7F-B87C-7002DF94B4F4",
"versionEndExcluding": "10.11.1",
"versionStartIncluding": "10.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13F4C5CF-ABD9-44C5-9109-371425F853ED",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:airport_base_station_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB56622-CC94-4041-8CAD-F65B68C5CDD1",
"versionEndExcluding": "7.6.7",
"versionStartIncluding": "7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:airport_base_station_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFB3A56-C1EA-484B-87D0-15C17526604E",
"versionEndExcluding": "7.7.7",
"versionStartIncluding": "7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:apple:airport_base_station:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E207B64-7129-48BD-9EAE-7773ECDDBBC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:mdnsresponder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FECB1D88-E7F8-4DC1-BCCD-28983034DC14",
"versionEndExcluding": "625.41.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors."
},
{
"lang": "es",
"value": "La funci\u00f3n handle_regservice_request en mDNSResponder en versiones anteriores a 625.41.2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (referencia a puntero NULL) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-7988",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-26T01:59:01.503",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206846"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-7987
Vulnerability from fkie_nvd - Published: 2016-06-26 01:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | iphone_os | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x | * | |
| apple | watchos | * | |
| apple | airport_base_station_firmware | * | |
| apple | airport_base_station_firmware | * | |
| apple | airport_base_station | * | |
| apple | mdnsresponder | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B99C6A-603B-4F24-909C-D46433F0C9C4",
"versionEndExcluding": "9.1",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB4AA7F-DAFA-42E8-90A9-9B7F103F9D4A",
"versionEndExcluding": "10.9.5",
"versionStartIncluding": "10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49284BF2-91CD-4528-968C-3995D532D443",
"versionEndExcluding": "10.10.5",
"versionStartIncluding": "10.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7DF95A-E481-4E7F-B87C-7002DF94B4F4",
"versionEndExcluding": "10.11.1",
"versionStartIncluding": "10.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13F4C5CF-ABD9-44C5-9109-371425F853ED",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:airport_base_station_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB56622-CC94-4041-8CAD-F65B68C5CDD1",
"versionEndExcluding": "7.6.7",
"versionStartIncluding": "7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:airport_base_station_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFB3A56-C1EA-484B-87D0-15C17526604E",
"versionEndExcluding": "7.7.7",
"versionStartIncluding": "7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:apple:airport_base_station:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E207B64-7129-48BD-9EAE-7773ECDDBBC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:mdnsresponder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FECB1D88-E7F8-4DC1-BCCD-28983034DC14",
"versionEndExcluding": "625.41.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de buffer en mDNSResponder en versiones anteriores a 625.41.2 permiten a atacantes remotos leer o escribir en posiciones de memoria fuera de los l\u00edmites a trav\u00e9s de vectores implicando la funci\u00f3n (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import o (4) CopyNSEC3ResourceRecord."
}
],
"id": "CVE-2015-7987",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-26T01:59:00.127",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91323"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206846"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-0613
Vulnerability from fkie_nvd - Published: 2007-01-31 11:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | ichat | 3.1.6 | |
| apple | instant_message_framework | 428 | |
| apple | mdnsresponder | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:ichat:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E076FA75-75D6-46DF-A87D-1A0B3F16BFD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:instant_message_framework:428:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC0BDD3-67A1-45B5-927C-4C9BD6E64710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:mdnsresponder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F375F0-1822-4E77-9FC0-B286FE894B6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries."
},
{
"lang": "es",
"value": "La funcionalidad Bonjour en el mDNSResponder, iChat 3.1.6 y InstantMessage framework 428 en el Apple Mac OS X 10.4.8 no chequea entradas duplicadas cuando se a\u00f1aden contactos disponibles reci\u00e9n descubiertos, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (interrumpir la comunicaci\u00f3n) mediante una avalancha de consultas duplicate _presence._tcp mDNS."
}
],
"id": "CVE-2007-0613",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-01-31T11:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://projects.info-pull.com/moab/MOAB-29-01-2007.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/32698"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/32699"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://projects.info-pull.com/moab/MOAB-29-01-2007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/32698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/32699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22304"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2015-7987 (GCVE-0-2015-7987)
Vulnerability from cvelistv5 – Published: 2016-06-26 01:00 – Updated: 2024-08-06 08:06
VLAI?
Summary
Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:31.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036181",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "91323",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91323"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1036181",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "91323",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91323"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036181",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036181"
},
{
"name": "https://support.apple.com/HT206846",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "91323",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91323"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7987",
"datePublished": "2016-06-26T01:00:00",
"dateReserved": "2015-10-27T00:00:00",
"dateUpdated": "2024-08-06T08:06:31.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7988 (GCVE-0-2015-7988)
Vulnerability from cvelistv5 – Published: 2016-06-26 01:00 – Updated: 2024-08-06 08:06
VLAI?
Summary
The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:31.556Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036181",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1036181",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036181",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036181"
},
{
"name": "https://support.apple.com/HT206846",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7988",
"datePublished": "2016-06-26T01:00:00",
"dateReserved": "2015-10-27T00:00:00",
"dateUpdated": "2024-08-06T08:06:31.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0613 (GCVE-0-2007-0613)
Vulnerability from cvelistv5 – Published: 2007-01-31 11:00 – Updated: 2024-08-07 12:26
VLAI?
Summary
The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32698",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/32698"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://projects.info-pull.com/moab/MOAB-29-01-2007.html"
},
{
"name": "22304",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22304"
},
{
"name": "32699",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/32699"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-03-21T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32698",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/32698"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://projects.info-pull.com/moab/MOAB-29-01-2007.html"
},
{
"name": "22304",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22304"
},
{
"name": "32699",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/32699"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32698",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32698"
},
{
"name": "http://projects.info-pull.com/moab/MOAB-29-01-2007.html",
"refsource": "MISC",
"url": "http://projects.info-pull.com/moab/MOAB-29-01-2007.html"
},
{
"name": "22304",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22304"
},
{
"name": "32699",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32699"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0613",
"datePublished": "2007-01-31T11:00:00",
"dateReserved": "2007-01-30T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7987 (GCVE-0-2015-7987)
Vulnerability from nvd – Published: 2016-06-26 01:00 – Updated: 2024-08-06 08:06
VLAI?
Summary
Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:31.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036181",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "91323",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91323"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1036181",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "91323",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91323"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036181",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036181"
},
{
"name": "https://support.apple.com/HT206846",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "91323",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91323"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7987",
"datePublished": "2016-06-26T01:00:00",
"dateReserved": "2015-10-27T00:00:00",
"dateUpdated": "2024-08-06T08:06:31.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7988 (GCVE-0-2015-7988)
Vulnerability from nvd – Published: 2016-06-26 01:00 – Updated: 2024-08-06 08:06
VLAI?
Summary
The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:31.556Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036181",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1036181",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036181",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036181"
},
{
"name": "https://support.apple.com/HT206846",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206846"
},
{
"name": "VU#143335",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/143335"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7988",
"datePublished": "2016-06-26T01:00:00",
"dateReserved": "2015-10-27T00:00:00",
"dateUpdated": "2024-08-06T08:06:31.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0613 (GCVE-0-2007-0613)
Vulnerability from nvd – Published: 2007-01-31 11:00 – Updated: 2024-08-07 12:26
VLAI?
Summary
The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32698",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/32698"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://projects.info-pull.com/moab/MOAB-29-01-2007.html"
},
{
"name": "22304",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22304"
},
{
"name": "32699",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/32699"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-03-21T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32698",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/32698"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://projects.info-pull.com/moab/MOAB-29-01-2007.html"
},
{
"name": "22304",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22304"
},
{
"name": "32699",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/32699"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32698",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32698"
},
{
"name": "http://projects.info-pull.com/moab/MOAB-29-01-2007.html",
"refsource": "MISC",
"url": "http://projects.info-pull.com/moab/MOAB-29-01-2007.html"
},
{
"name": "22304",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22304"
},
{
"name": "32699",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32699"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0613",
"datePublished": "2007-01-31T11:00:00",
"dateReserved": "2007-01-30T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}