ID CVE-2007-0613
Summary The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.
References
Vulnerable Configurations
  • cpe:2.3:a:apple:ichat:3.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:apple:ichat:3.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:instant_message_framework:428:*:*:*:*:*:*:*
    cpe:2.3:a:apple:instant_message_framework:428:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:mdnsresponder:*:*:*:*:*:*:*:*
    cpe:2.3:a:apple:mdnsresponder:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 05-09-2008 - 21:18)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 22304
misc http://projects.info-pull.com/moab/MOAB-29-01-2007.html
osvdb
  • 32698
  • 32699
Last major update 05-09-2008 - 21:18
Published 31-01-2007 - 11:28
Last modified 05-09-2008 - 21:18
Back to Top