CVE-2015-7987

Name: CVE-2015-7987
Creator: NVD / NIST
Published: 2016-06-26T01:59:00.127+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.51%

Last modified Jun 17, 2026

CVE-2015-7987 is a vulnerability of currently unknown severity. Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.. EPSS estimates a 2.51% chance of exploitation in the next 30 days.

Description

Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.

Metrics

EPSS Probability

2.51%

82.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Apple	Iphone Os	>= 9.0, < 9.1
Apple	Mac Os X	>= 10.9, < 10.9.5
Apple	Mac Os X	>= 10.10.0, < 10.10.5
Apple	Mac Os X	>= 10.11.0, < 10.11.1
Apple	Watchos	< 2.1
Apple	Airport Base Station Firmware	>= 7.6, < 7.6.7
Apple	Airport Base Station Firmware	>= 7.7, < 7.7.7
Apple	Mdnsresponder	< 625.41.2

References

http://www.kb.cert.org/vuls/id/143335Third Party Advisory, US Government Resource
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlThird Party Advisory
http://www.securityfocus.com/bid/91323Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1036181Third Party Advisory, VDB Entry
https://support.apple.com/HT206846Vendor Advisory
http://www.kb.cert.org/vuls/id/143335Third Party Advisory, US Government Resource
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlThird Party Advisory
http://www.securityfocus.com/bid/91323Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1036181Third Party Advisory, VDB Entry
https://support.apple.com/HT206846Vendor Advisory

Timeline

Published: Jun 26, 2016
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2015-7987?

How severe is CVE-2015-7987?

Severity scoring for CVE-2015-7987 is pending analysis. The EPSS model estimates a 2.51% probability of exploitation in the next 30 days.

How do I fix CVE-2015-7987?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-7987?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST