CVE-2008-3630
Description
mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an application uses the Bonjour API for unicast DNS, does not choose random values for transaction IDs or source ports in DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Risk Information
Base Score
7.5
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
1.104
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities affected in Bonjour 1.0.4 | Windows |
| Vulnerabilities CVE-2008-2326,CVE-2008-3630 are affected in Bonjour 1.0.4.unknown_windows | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234