Vulnerability Details : CVE-2007-0613
The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2007-0613
Probability of exploitation activity in the next 30 days: 1.60%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 86 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-0613
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
References for CVE-2007-0613
-
http://projects.info-pull.com/moab/MOAB-29-01-2007.html
Exploit;Vendor Advisory
-
http://www.securityfocus.com/bid/22304
Exploit
Products affected by CVE-2007-0613
- cpe:2.3:a:apple:ichat:3.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:instant_message_framework:428:*:*:*:*:*:*:*
- cpe:2.3:a:apple:mdnsresponder:*:*:*:*:*:*:*:*