Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet.
Max CVSS
5.5
EPSS Score
0.04%
Published
2020-02-05
Updated
2020-02-07
mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an application uses the Bonjour API for unicast DNS, does not choose random values for transaction IDs or source ports in DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Max CVSS
6.4
EPSS Score
2.04%
Published
2008-09-11
Updated
2018-10-30
mDNSResponder in the Bonjour Namespace Provider in Apple Bonjour for Windows before 1.0.5 allows attackers to cause a denial of service (NULL pointer dereference and application crash) by resolving a crafted .local domain name that contains a long label.
Max CVSS
5.0
EPSS Score
1.15%
Published
2008-09-11
Updated
2018-10-30
3 vulnerabilities found