CVE-2007-0493
EPSS 13.8%
Description
Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context."
How to fix CVE-2007-0493
To remediate CVE-2007-0493, upgrade the affected package to a fixed version below.
- Debian/bind9—upgrade to 1:9.3.4-2 or later
Is CVE-2007-0493 being exploited?
Moderate — EPSS is 13.8%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1:9.3.4-2