CVE-2015-7987

Name of the Vulnerable Software and Affected Versions mDNSResponder versions prior to 625.41.2

Description The issue involves multiple buffer overflows that allow remote attackers to read or write to out-of-bounds memory locations. This can be achieved through various vectors, including the GetValueForIPv4Addr, GetValueForMACAddr, rfc3110 import, or CopyNSEC3ResourceRecord functions.

Recommendations For versions prior to 625.41.2, update to version 625.41.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the functions GetValueForIPv4Addr, GetValueForMACAddr, rfc3110 import, and CopyNSEC3ResourceRecord until a patch is applied.