DoS vulnerability in Kaspersky products
According to an advisory from Maksymilian Arciemowicz, a security specialist at SecurityReason, Kaspersky Internet Security 2010 and Anti-Virus 2010 can be compromised via specially crafted URLs. The products use a filter proxy they insert between the local browser and the network to parse the URLs requested in the browser. If a URL contains more than 1024 consecutive periods (ASCII dec 46), a programming flaw causes a drastic increase in the CPU load of the avp.exe component. As a result, the browser is no longer able to access any web pages.
The flaw can be triggered via links in web pages and in HTML emails. The bug has been verified in Kaspersky Internet Security 2010 18.104.22.1689 under Windows Vista Enterprise and in Kaspersky Anti-Virus 2010 22.214.171.1243 under Windows XP Home Edition. An update to fix the problem has yet to be released.
- Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service, a security advisory from SecurityReason.