Denial of Service in Apple Bonjour for Windows
CVE-2008-2326

Currently unrated

Key Information:

Vendor: Apple
Status: Bonjour
Vendor: CVE Published:; 11 September 2008

Summary

A vulnerability exists in the mDNSResponder component of Apple Bonjour for Windows prior to version 1.0.5 that allows attackers to initiate a denial of service. This is achieved by sending a specially crafted .local domain name with a long label, which leads to a NULL pointer dereference and causes the application to crash. As a result, affected users may experience disruptions in their network services.

References

http://secunia.com/advisories/31822

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id?1020845

vdb-entryx_refsource_SECTRACK

http://support.apple.com/kb/HT2990

x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 11, 2008
Vulnerability Reserved
May 18, 2008