Null Pointer Dereference Vulnerability in AVG/Avast Antivirus for MacOS
CVE-2024-9484

5.5MEDIUM

Key Information:

Vendor: Avg
Status: Antivirus
Vendor: CVE Published:; 4 October 2024

What is CVE-2024-9484?

A vulnerability exists in AVG/Avast Antivirus for MacOS due to a null pointer dereference in the engine module. This issue arises with signature versions prior to 24092400 and is triggered when the application processes a malformed xar file. Under certain conditions, such files can lead to a crash of the antivirus application during normal file handling operations, potentially compromising the user's security posture.

References

https://support.norton.com/sp/static/external/tools/secur...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2024

Avg

What is CVE-2024-9484?

References

CVSS V3.1

Timeline