CVE-2015-7987
published 2016-06-26CVE-2015-7987: Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the…
critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | airport_base_station_firmware | >= 7.6 < 7.6.7 | 7.6.7 |
| apple | airport_base_station_firmware | >= 7.7 < 7.7.7 | 7.7.7 |
| apple | ios | — | — |
| apple | iphone_os | >= 9.0 < 9.1 | 9.1 |
| apple | mac_os_x | >= 10.10.0 < 10.10.5 | 10.10.5 |
| apple | mac_os_x | >= 10.11.0 < 10.11.1 | 10.11.1 |
| apple | mac_os_x | >= 10.9 < 10.9.5 | 10.9.5 |
| apple | mdnsresponder | < 625.41.2 | 625.41.2 |
| apple | os_x_el_capitan_10.11.1_security_update_2015-004_yosemite_and_security_update_20 | — | — |
| apple | watchos | < 2.1 | 2.1 |
| apple | watchos | — | — |