CVE-2024-9481

Published: Oct 4, 2024Modified: Nov 8, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.

Affected (2)

Products: Avast: Antivirus · Avg: Antivirus

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Avast Antivirus	Before 24092400
Avg Antivirus	Before 24092400

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (1)

https://support.norton.com/sp/static/external/tools/security-advisories.html

Source: security@nortonlifelock.com

Not Applicable

Timeline

No history available yet.