Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-0613

4 documents4 sources

Severity

5.0MEDIUM

EPSS

5.7%

top 9.62%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apple Ichat Apple Instant Message Framework

Timeline

PublishedJan 31

Latest updateMay 1

Description

The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDapple/instant_message_framework428

▶NVDapple/ichat3.1.6

🔴Vulnerability Details

GHSA

GHSA-qpgm-wrx9-v53j: The Bonjour functionality in mDNSResponder, iChat 3↗2022-05-01

▶

CVEList

CVE-2007-0613: The Bonjour functionality in mDNSResponder, iChat 3↗2007-01-31

▶

💥Exploits & PoCs

Exploit-DB

Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service Vulnerabilities↗2007-01-30

▶