Vulnerability Description
The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Iphone Os | >= 9.0, < 9.1 |
| Apple | Mac Os X | >= 10.9, < 10.9.5 |
| Apple | Watchos | < 2.1 |
| Apple | Airport Base Station Firmware | >= 7.6, < 7.6.7 |
| Apple | Airport Base Station | All versions |
| Apple | Mdnsresponder | < 625.41.2 |
References
- http://www.kb.cert.org/vuls/id/143335Third Party AdvisoryUS Government Resource
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlThird Party Advisory
- http://www.securitytracker.com/id/1036181Third Party AdvisoryVDB Entry
- https://support.apple.com/HT206846Vendor Advisory
- http://www.kb.cert.org/vuls/id/143335Third Party AdvisoryUS Government Resource
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlThird Party Advisory
- http://www.securitytracker.com/id/1036181Third Party AdvisoryVDB Entry
- https://support.apple.com/HT206846Vendor Advisory
FAQ
What is CVE-2015-7988?
CVE-2015-7988 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vector...
How severe is CVE-2015-7988?
CVE-2015-7988 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2015-7988?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone Os, Apple Mac Os X, Apple Watchos, Apple Airport Base Station Firmware, Apple Airport Base Station.