CVE-2024-9483

Published: Oct 4, 2024Modified: Nov 8, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing.

Affected (2)

Products: Avast: Antivirus · Avg: Antivirus

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Avast Antivirus	Before 24092400
Avg Antivirus	Before 24092400

Related CWEs

CWE-476

NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

References (1)

https://support.norton.com/sp/static/external/tools/security-advisories.html

Source: security@nortonlifelock.com

Not Applicable

Timeline

No history available yet.