Details of VAR-201606-0032

ID

VAR-201606-0032

CVE

CVE-2015-7987

TITLE

mDNSResponder contains multiple memory-based vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#143335

DESCRIPTION

Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function. mDNSResponder provides unicast and multicast mDNS services on UNIX-like operating systems such as OS X. mDNSResponder version 379.27 and above prior to version 625.41.2 is vulnerable to several buffer overflow vulnerabilities, as well as a null pointer dereference. mDNSResponder Contains a buffer overflow vulnerability. mDNSResponder is prone to multiple buffer-overflow vulnerabilities because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffer. Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions

Trust: 2.79

sources: NVD: CVE-2015-7987 // CERT/CC: VU#143335 // JVNDB: JVNDB-2015-007208 // BID: 91323 // VULHUB: VHN-85948 // VULMON: CVE-2015-7987

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	gte	version:	10.11.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.11.1	Trust: 1.0
vendor:	apple	model:	airport base station	scope:	gte	version:	7.6	Trust: 1.0
vendor:	apple	model:	mdnsresponder	scope:	lt	version:	625.41.2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.9.5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.10.5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.9	Trust: 1.0
vendor:	apple	model:	airport base station	scope:	gte	version:	7.7	Trust: 1.0
vendor:	apple	model:	airport base station	scope:	lt	version:	7.6.7	Trust: 1.0
vendor:	apple	model:	watchos	scope:	lt	version:	2.1	Trust: 1.0
vendor:	apple	model:	airport base station	scope:	lt	version:	7.7.7	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	gte	version:	9.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	9.1	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.10.0	Trust: 1.0
vendor:	apple	model:	watchos	scope:	eq	version:	2.0	Trust: 0.9
vendor:	android open source	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	airmac base station	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	airmac base station	scope:	lt	version:	7.6.7 earlier	Trust: 0.8
vendor:	apple	model:	airmac base station	scope:	lt	version:	7.7.7 earlier	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	lt	version:	v10.10.5 and security updates 2015-004 yosemite earlier	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	lt	version:	v10.11.1 earlier	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	lt	version:	v10.9.5 and security updates 2015-007 mavericks earlier	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.1 earlier	Trust: 0.8
vendor:	apple	model:	mdnsresponder	scope:	lt	version:	379.27 or later 625.41.2	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	2.1 earlier	Trust: 0.8
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.6	Trust: 0.6
vendor:	apple	model:	iphone os	scope:	eq	version:	9.0.2	Trust: 0.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10.4	Trust: 0.6
vendor:	apple	model:	airport base station	scope:	eq	version:	7.7.6	Trust: 0.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.0	Trust: 0.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.9.4	Trust: 0.6
vendor:	apple	model:	mdnsresponder	scope:	eq	version:	576.30.4	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	30	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.10.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	watchos	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	9.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	40	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1	Trust: 0.3
vendor:	mdnsresponder	model:	mdnsresponder	scope:	eq	version:	379.27	Trust: 0.3
vendor:	oracle	model:	solaris	scope:	eq	version:	11.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4.1	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.3	Trust: 0.3
vendor:	apple	model:	watchos	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	50	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.4	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.2	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.4.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.2	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	ne	version:	7.6.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	oracle	model:	solaris sru11.6	scope:	ne	version:	11.3	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	ne	version:	7.7.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.11.1	Trust: 0.3
vendor:	apple	model:	watchos	scope:	ne	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	apple	model:	watchos	scope:	eq	version:	1.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.2	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.5.2	Trust: 0.3
vendor:	apple	model:	mac os security update	scope:	ne	version:	x2015	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	mdnsresponder	model:	mdnsresponder	scope:	ne	version:	625.41.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.1	Trust: 0.3

sources: CERT/CC: VU#143335 // BID: 91323 // JVNDB: JVNDB-2015-007208 // CNNVD: CNNVD-201606-473 // NVD: CVE-2015-7987

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-7987
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2015-7987
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201606-473
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-85948
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2015-7987
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-7987
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-85948
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2015-7987
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-85948 // VULMON: CVE-2015-7987 // JVNDB: JVNDB-2015-007208 // CNNVD: CNNVD-201606-473 // NVD: CVE-2015-7987

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.9
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-85948 // JVNDB: JVNDB-2015-007208 // NVD: CVE-2015-7987

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201606-473

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201606-473

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-007208

PATCH

title:	Bonjour for Developers	url:	https://developer.apple.com/bonjour/	Trust: 0.8
title:	mDNSResponder	url:	http://opensource.apple.com/tarballs/mDNSResponder/	Trust: 0.8
title:	HT206846	url:	https://support.apple.com/en-us/HT206846	Trust: 0.8
title:	HT206846	url:	https://support.apple.com/ja-jp/HT206846	Trust: 0.8
title:	mDNSResponder Buffer Overflow Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62400	Trust: 0.6
title:	Apple: iOS 9.1	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=123f4c3a6e7427c916e120e518bda58a	Trust: 0.1
title:	Apple: OS X El Capitan 10.11.1, Security Update 2015-004 Yosemite, and Security Update 2015-007 Mavericks	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=fd51407c33ee29c59223888703327538	Trust: 0.1
title:	Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=ac5af5dd99788925425f5747ec672707	Trust: 0.1

sources: VULMON: CVE-2015-7987 // JVNDB: JVNDB-2015-007208 // CNNVD: CNNVD-201606-473

EXTERNAL IDS

db:	CERT/CC	id:	VU#143335	Trust: 3.7
db:	NVD	id:	CVE-2015-7987	Trust: 2.9
db:	BID	id:	91323	Trust: 1.5
db:	SECTRACK	id:	1036181	Trust: 1.2
db:	JVN	id:	JVNVU97008560	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-007208	Trust: 0.8
db:	CNNVD	id:	CNNVD-201606-473	Trust: 0.7
db:	VULHUB	id:	VHN-85948	Trust: 0.1
db:	VULMON	id:	CVE-2015-7987	Trust: 0.1

sources: CERT/CC: VU#143335 // VULHUB: VHN-85948 // VULMON: CVE-2015-7987 // BID: 91323 // JVNDB: JVNDB-2015-007208 // CNNVD: CNNVD-201606-473 // NVD: CVE-2015-7987

REFERENCES

url:	http://www.kb.cert.org/vuls/id/143335	Trust: 3.0
url:	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html	Trust: 1.5
url:	http://www.securityfocus.com/bid/91323	Trust: 1.3
url:	https://support.apple.com/ht206846	Trust: 1.2
url:	http://www.securitytracker.com/id/1036181	Trust: 1.2
url:	https://support.apple.com/en-us/ht206846	Trust: 1.1
url:	http://www.opensource.apple.com/tarballs/mdnsresponder/	Trust: 0.8
url:	https://developer.apple.com/bonjour/	Trust: 0.8
url:	http://cwe.mitre.org/data/definitions/120.html	Trust: 0.8
url:	http://cwe.mitre.org/data/definitions/476.html	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7987	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu97008560	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7987	Trust: 0.8
url:	https://opensource.apple.com/tarballs/mdnsresponder/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CERT/CC: VU#143335 // VULHUB: VHN-85948 // VULMON: CVE-2015-7987 // BID: 91323 // JVNDB: JVNDB-2015-007208 // CNNVD: CNNVD-201606-473 // NVD: CVE-2015-7987

CREDITS

Apple

Trust: 0.6

sources: CNNVD: CNNVD-201606-473

SOURCES

db:	CERT/CC	id:	VU#143335
db:	VULHUB	id:	VHN-85948
db:	VULMON	id:	CVE-2015-7987
db:	BID	id:	91323
db:	JVNDB	id:	JVNDB-2015-007208
db:	CNNVD	id:	CNNVD-201606-473
db:	NVD	id:	CVE-2015-7987

LAST UPDATE DATE

2025-04-13T23:39:31.849000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#143335	date:	2016-06-20T00:00:00
db:	VULHUB	id:	VHN-85948	date:	2019-06-19T00:00:00
db:	VULMON	id:	CVE-2015-7987	date:	2019-06-19T00:00:00
db:	BID	id:	91323	date:	2016-08-30T12:00:00
db:	JVNDB	id:	JVNDB-2015-007208	date:	2016-06-28T00:00:00
db:	CNNVD	id:	CNNVD-201606-473	date:	2016-06-27T00:00:00
db:	NVD	id:	CVE-2015-7987	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#143335	date:	2016-06-20T00:00:00
db:	VULHUB	id:	VHN-85948	date:	2016-06-26T00:00:00
db:	VULMON	id:	CVE-2015-7987	date:	2016-06-26T00:00:00
db:	BID	id:	91323	date:	2016-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2015-007208	date:	2016-06-28T00:00:00
db:	CNNVD	id:	CNNVD-201606-473	date:	2016-06-21T00:00:00
db:	NVD	id:	CVE-2015-7987	date:	2016-06-26T01:59:00.127