CVE-2009-2966

Currently unrated

Key Information:

Vendor: Kaspersky
Status: Kaspersky Anti-virus; Kaspersky Internet Security
Vendor: CVE Published:; 25 August 2009

Summary

avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters.

References

http://secunia.com/advisories/36405

third-party-advisoryx_refsource_SECUNIA

http://www.osvdb.org/57173

vdb-entryx_refsource_OSVDB

http://securityreason.com/achievement_securityalert/66

third-party-advisoryx_refsource_SREASONRES

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 25, 2009
Vulnerability Reserved
Aug 25, 2009