CVE-2024-9481

Out of Bounds write on scan of malformed eml file may crash the application

CVSS 5.1 MEDIUMEPSS 0.1%CWE-787

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

AVG/Avast · Antivirus

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.norton.com/sp/static/external/tools/security-advisories.html