Mike Zhang

**Name of the Vulnerable Software and Affected Versions** Avast Antivirus versions 15.7 through 3.9.2025 **Description** A flaw exists in Avast Antivirus on MacOS that involves a heap-based buffer overflow and out-of-bounds write condition. Processing a specially crafted Mach-O file could lead to local code execution or a denial of service, impacting the antivirus protection. **Recommendations** Update Avast Antivirus to a version later than 3.9.2025.

**Name of the Vulnerable Software and Affected Versions** Avast Antivirus versions 16.0.0 on MacOS Avast Antivirus versions 3.0.3 on Linux **Description** A NULL pointer dereference issue exists in Avast Antivirus when scanning a malformed Windows PE file. This can cause the antivirus process to crash on MacOS and Linux systems. **Recommendations** Update Avast Antivirus on MacOS to a version later than 16.0.0. Update Avast Antivirus on Linux to a version later than 3.0.3.

**Name of the Vulnerable Software and Affected Versions** Avast Antivirus versions 8.3.70.94 through 8.3.70.97 **Description** A heap-based buffer overflow and out-of-bounds read issue exists in Avast Antivirus on MacOS when scanning a malformed file. This can lead to local execution of code or a denial-of-service of the antivirus engine process. The issue is triggered when processing a specially crafted file. The vulnerability affects the antivirus engine. **Recommendations** Update Avast Antivirus to version 8.3.70.98 or later.

**Name of the Vulnerable Software and Affected Versions** watchOS versions prior to 8 macOS Big Sur versions prior to 11.6 Security Update versions prior to 2021-005 Catalina tvOS versions prior to 15 iOS versions prior to 15 iPadOS versions prior to 15 iTunes versions prior to 12.12 for Windows **Description** This issue was addressed with improved checks. Processing a maliciously crafted image may lead to arbitrary code execution. **Recommendations** For watchOS versions prior to 8, update to watchOS 8. For macOS Big Sur versions prior to 11.6, update to macOS Big Sur 11.6. For Security Update versions prior to 2021-005 Catalina, apply Security Update 2021-005 Catalina. For tvOS versions prior to 15, update to tvOS 15. For iOS versions prior to 15, update to iOS 15. For iPadOS versions prior to 15, update to iPadOS 15. For iTunes versions prior to 12.12 for Windows, update to iTunes 12.12 for Windows.

**Name of the Vulnerable Software and Affected Versions** Xpdf version 4.02 **Description** The issue arises in the `SplashOutputDev::endType3Char(GfxState *state)` function, where it attempts to use the freed `t3GlyphStack->cache`, resulting in a heap-use-after-free problem. This occurs because the previous fix for nested Type 3 characters did not correctly handle cases where a Type 3 character refers to another character in the same Type 3 font. **Recommendations** For Xpdf version 4.02, consider disabling the `SplashOutputDev::endType3Char` function as a temporary workaround until a patch is available. Restrict access to Type 3 fonts to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apple Safari versions prior to 13.0.4 Apple tvOS versions prior to 13.3 Apple iOS versions prior to 13.3 Apple iPadOS versions prior to 13.3 Apple iTunes for Windows versions prior to 12.10.3 Apple iCloud for Windows versions prior to 10.9 and prior to 7.16 **Description** The issue is related to multiple memory corruption problems that have been addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. **Recommendations** For Apple Safari versions prior to 13.0.4, update to version 13.0.4 or later. For Apple tvOS versions prior to 13.3, update to version 13.3 or later. For Apple iOS versions prior to 13.3, update to version 13.3 or later. For Apple iPadOS versions prior to 13.3, update to version 13.3 or later. For Apple iTunes for Windows versions prior to 12.10.3, update to version 12.10.3 or later. For Apple iCloud for Windows versions prior to 10.9 and prior to 7.16, update to version 10.9 or version 7.16 or later.

**Name of the Vulnerable Software and Affected Versions** Xpdf version 4.01.01 **Description** A stack-based buffer over-read issue exists in the FoFiTrueType::dumpString function. This can be triggered by sending crafted TrueType data in a PDF document to the pdftops tool, potentially allowing an attacker to cause Denial of Service or leak memory data into dump content. **Recommendations** For Xpdf version 4.01.01, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.1.3 tvOS versions prior to 12.1.2 Safari versions prior to 12.0.3 iTunes versions prior to 12.9.3 for Windows iCloud for Windows versions prior to 7.10 **Description** The issue is caused by a buffer overflow in memory, which may lead to arbitrary code execution when processing maliciously crafted web content. This can allow a remote attacker to execute arbitrary code using a specially crafted website. **Recommendations** For iOS versions prior to 12.1.3, update to iOS 12.1.3 or later. For tvOS versions prior to 12.1.2, update to tvOS 12.1.2 or later. For Safari versions prior to 12.0.3, update to Safari 12.0.3 or later. For iTunes versions prior to 12.9.3 for Windows, update to iTunes 12.9.3 or later for Windows. For iCloud for Windows versions prior to 7.10, update to iCloud for Windows 7.10 or later.