Vulnerabilities > CVE-2009-2966 - Resource Management Errors vulnerability in Kaspersky Anti-Virus and Kaspersky Internet Security
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Kaspersky 2010 Remote Memory Corruption / DoS PoC. CVE-2009-2966. Dos exploit for windows platform |
| id | EDB-ID:9537 |
| last seen | 2016-02-01 |
| modified | 2009-08-28 |
| published | 2009-08-28 |
| reporter | Prakhar Prasad |
| source | https://www.exploit-db.com/download/9537/ |
| title | Kaspersky 2010 - Remote Memory Corruption / DoS PoC |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html
- http://secunia.com/advisories/36405
- http://securityreason.com/achievement_securityalert/66
- http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077
- http://www.osvdb.org/57173
- http://www.securityfocus.com/bid/36084
- http://www.securitytracker.com/id?1022754
- http://www.securitytracker.com/id?1022755
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52571