CVE-2009-2966 – Kaspersky 2010 - Remote Memory Corruption / Denial of Service (PoC)

https://notcve.org/view.php?id=CVE-2009-2966

avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters. avp.exe en Kaspersky Internet Security v9.0.0.459 y Anti-Virus v9.0.0.463 permite a atacantes remotos producir una denegación de servicio (consumo de CPU y perdida de conectividad con la red) a través de una petición de URL HTTP que contiene un gran numero de puntos ".". • https://www.exploit-db.com/exploits/9537 http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html http://secunia.com/advisories/36405 http://securityreason.com/achievement_securityalert/66 http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077 http://www.osvdb.org/57173 http://www.securityfocus.com/bid/36084 http://www.securitytracker.com/id?1022754 http://www.securitytracker.com/id?1022755 https://exchange.xforce.ibmcloud.com/vulnerab • CWE-399: Resource Management Errors •