Description
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters.
Affected products
- Kaspersky / Kaspersky Anti-Virus9.0.0.463 – 9.0.0.463
- Kaspersky / Kaspersky Internet Security9.0.0.459 – 9.0.0.459
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/36405
- MISChttp://www.osvdb.org/57173
- MISChttp://securityreason.com/achievement_securityalert/66
- MISChttp://www.securityfocus.com/bid/36084
- MISChttp://www.securitytracker.com/id?1022754
- MISChttp://www.securitytracker.com/id?1022755
- MISChttp://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html
- MISChttp://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/52571