Vulnerability Description
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kaspersky | Kaspersky Anti-Virus | 9.0.0.463 |
| Kaspersky | Kaspersky Internet Security | 9.0.0.459 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.htmlExploit
- http://secunia.com/advisories/36405Vendor Advisory
- http://securityreason.com/achievement_securityalert/66Exploit
- http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--
- http://www.osvdb.org/57173
- http://www.securityfocus.com/bid/36084Exploit
- http://www.securitytracker.com/id?1022754
- http://www.securitytracker.com/id?1022755
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52571
- http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.htmlExploit
- http://secunia.com/advisories/36405Vendor Advisory
- http://securityreason.com/achievement_securityalert/66Exploit
- http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--
- http://www.osvdb.org/57173
- http://www.securityfocus.com/bid/36084Exploit
FAQ
What is CVE-2009-2966?
CVE-2009-2966 is a vulnerability with a CVSS score of 4.3 (MEDIUM). avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request t...
How severe is CVE-2009-2966?
CVE-2009-2966 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2966?
Check the references section above for vendor advisories and patch information. Affected products include: Kaspersky Kaspersky Anti-Virus, Kaspersky Kaspersky Internet Security.