PT-2009-5308 · Kaspersky · Kaspersky Internet Security+1

Maksymilian Arciemowicz

Published

2009-08-25

Updated

2017-08-17

CVE-2009-2966

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Kaspersky Internet Security version 9.0.0.459 Kaspersky Anti-Virus version 9.0.0.463

Description: The issue allows remote attackers to cause a denial of service, resulting in CPU consumption and network connectivity loss, via an HTTP URL request containing a large number of dot "." characters.

Recommendations: For Kaspersky Internet Security version 9.0.0.459, update to a version that fixes this issue to prevent denial of service attacks. For Kaspersky Anti-Virus version 9.0.0.463, update to a version that fixes this issue to prevent denial of service attacks.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2009-2966

Affected Products

Kaspersky Anti-Virus

Kaspersky Internet Security

PT-2009-5308 · Kaspersky · Kaspersky Internet Security+1

CVE-2009-2966

Weakness Enumeration

Related Identifiers

Affected Products

References · 11