CVE-2024-9481 - Vulnerability Details - OpenCVE

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Avast	Antivirus
Avg	Antivirus

Configuration 1 [-]

OR	cpe:2.3:a:avast:antivirus::::::macos::*
	cpe:2.3:a:avg:antivirus::::::macos::*

No data.

References

Link	Providers
https://support.norton.com/sp/static/external/tools/security-advisories.html

History

Fri, 08 Nov 2024 21:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Avast Avast antivirus Avg Avg antivirus
CPEs		cpe:2.3:a:avast:antivirus::::::macos::* cpe:2.3:a:avg:antivirus::::::macos::*
Vendors & Products		Avast Avast antivirus Avg Avg antivirus

Fri, 04 Oct 2024 14:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 04 Oct 2024 12:30:00 +0000

Type	Values Removed	Values Added
Description		An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.
Title		Out of Bounds write on scan of malformed eml file may crash the application
Weaknesses		CWE-787
References		https://support.norton.com/sp/static/external/tools/security-advisories.html
Metrics		cvssV3_1 `{'score': 5.1, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: NLOK

Published: 2024-10-04T12:15:14.709Z

Updated: 2024-10-07T11:26:43.561Z

Reserved: 2024-10-03T14:29:34.815Z

Link: CVE-2024-9481

Vulnrichment

Updated: 2024-10-04T13:54:42.852Z

NVD

Status : Analyzed

Published: 2024-10-04T13:15:12.610

Modified: 2024-11-08T20:49:03.597

Link: CVE-2024-9481

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-9481", "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e", "state": "PUBLISHED", "assignerShortName": "NLOK", "dateReserved": "2024-10-03T14:29:34.815Z", "datePublished": "2024-10-04T12:15:14.709Z", "dateUpdated": "2024-10-07T11:26:43.561Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["MacOS", "Windows", "Linux"], "product": "Antivirus", "vendor": "AVG/Avast", "versions": [{"lessThan": "< 24092400", "status": "affected", "version": "24/Sep/2024", "versionType": "date"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Mike Zhang, an independent security researcher"}], "datePublic": "2024-10-04T12:13:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing."}], "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e", "shortName": "NLOK", "dateUpdated": "2024-10-07T11:26:43.561Z"}, "references": [{"url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Upgrade to the latest version of virus definintions."}], "value": "Upgrade to the latest version of virus definintions."}], "source": {"discovery": "EXTERNAL"}, "title": "Out of Bounds write on scan of malformed eml file may crash the application", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-04T13:54:39.515335Z", "id": "CVE-2024-9481", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-04T13:54:47.530Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-9481", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-04T13:54:39.515335Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-04T13:54:42.852Z"}}], "cna": {"title": "Out of Bounds write on scan of malformed eml file may crash the application", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "Mike Zhang, an independent security researcher"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "AVG/Avast", "product": "Antivirus", "versions": [{"status": "affected", "version": "24/Sep/2024", "lessThan": "< 24092400", "versionType": "date"}], "platforms": ["MacOS", "Windows", "Linux"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to the latest version of virus definintions.", "supportingMedia": [{"type": "text/html", "value": "Upgrade to the latest version of virus definintions.", "base64": false}]}], "datePublic": "2024-10-04T12:13:00.000Z", "references": [{"url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.", "supportingMedia": [{"type": "text/html", "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e", "shortName": "NLOK", "dateUpdated": "2024-10-07T11:26:43.561Z"}}}, "cveMetadata": {"cveId": "CVE-2024-9481", "state": "PUBLISHED", "dateUpdated": "2024-10-07T11:26:43.561Z", "dateReserved": "2024-10-03T14:29:34.815Z", "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e", "datePublished": "2024-10-04T12:15:14.709Z", "assignerShortName": "NLOK"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avast:antivirus:*:*:*:*:*:macos:*:*", "matchCriteriaId": "332D750A-C14D-4E7D-8296-99B46A1155A4", "versionEndExcluding": "24092400", "vulnerable": true}, {"criteria": "cpe:2.3:a:avg:antivirus:*:*:*:*:*:macos:*:*", "matchCriteriaId": "D2EB9416-935A-4FF0-AD75-DFCDD6BC1AFF", "versionEndExcluding": "24092400", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing."}, {"lang": "es", "value": "Una escritura fuera de los l\u00edmites en el m\u00f3dulo del motor en la firma AVG/Avast Antivirus <24092400 publicada el 24/sep/2024 en MacOS permite que un archivo eml mal formado bloquee la aplicaci\u00f3n durante el procesamiento del archivo."}], "id": "CVE-2024-9481", "lastModified": "2024-11-08T20:49:03.597", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 3.6, "source": "security@nortonlifelock.com", "type": "Secondary"}]}, "published": "2024-10-04T13:15:12.610", "references": [{"source": "security@nortonlifelock.com", "tags": ["Not Applicable"], "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"}], "sourceIdentifier": "security@nortonlifelock.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "security@nortonlifelock.com", "type": "Secondary"}]}