本ページは apple ichat に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2007-3748 | Buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) implementation in iChat on Apple Mac OS X 10.3.9 and 10.4.10 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet. | [email protected] | 5.4 | 2.15% | 2007-08-03 | 2026-06-16 |
| CVE-2007-3747 | The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not restrict object instantiation and manipulation to valid heap addresses, which allows remote attackers to execute arbitrary code via a crafted applet. | [email protected] | 6.8 | 3.36% | 2007-08-03 | 2026-06-16 |
| CVE-2007-3746 | The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not properly check the bounds of heap read and write operations, which allows remote attackers to execute arbitrary code via a crafted applet. | [email protected] | 6.8 | 3.36% | 2007-08-03 | 2026-06-16 |
| CVE-2007-0710 | The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614. | [email protected] | 2.1 | 3.26% | 2007-02-16 | 2026-06-16 |
| CVE-2007-0614 | The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (persistent application crash) via a crafted phsh hash attribute in a TXT key. | [email protected] | 7.8 | 8.34% | 2007-01-31 | 2026-06-16 |
| CVE-2007-0613 | The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries. | [email protected] | 5.0 | 7.00% | 2007-01-31 | 2026-06-16 |
| CVE-2007-0021 | Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service (null pointer dereference and application crash) and possibly execute arbitrary code via format string specifiers in an aim:// URI. | [email protected] | 7.5 | 22.97% | 2007-01-22 | 2026-06-16 |
| CVE-2004-0873 | Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "link" that references the program. | [email protected] | 7.5 | 1.29% | 2004-12-23 | 2026-06-16 |