Vulnerabilities > CVE-2024-9484 - NULL Pointer Dereference vulnerability in multiple products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

avg

avast

CWE-476

NVD

Published: 2024-10-04

Updated: 2024-11-08

Summary

An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing.

Vulnerable Configurations

Part	Description	Count
Application	Avg AVG Antivirus *	1
Application	Avast Avast Antivirus *	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://support.norton.com/sp/static/external/tools/security-advisories.html