Apple Ichat vulnerabilities

CVE-2007-0614 [HIGH] CVE-2007-0614: The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple M The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (persistent application crash) via a crafted phsh hash attribute in a TXT key.

CVE-2007-0613 [MEDIUM] CVE-2007-0613: The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple M The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.

CVE-2007-0021 [HIGH] CVE-2007-0021: Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of servic Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service (null pointer dereference and application crash) and possibly execute arbitrary code via format string specifiers in an aim:// URI.

CVE-2004-0873 [HIGH] CVE-2004-0873: Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "l Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "link" that references the program.