Primary

Context

Microsoft VSCO Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Microsoft VSCO version 1.1.1.0. This vulnerability allows local attackers to crash the application by entering an excessively long string into the search bar. Specifically, a buffer of 5000 characters can be pasted into the search functionality, which triggers the application to crash when the user navigates back to the home screen.

Impact

Exploitation of this vulnerability leads to a crash of the VSCO application, causing a denial-of-service condition where the application becomes unresponsive or unavailable to the user.

Reproduction

To reproduce this vulnerability, paste a buffer of 5000 characters into the search bar of Microsoft VSCO version 1.1.1.0. After submitting the search, navigate back to the home screen, which will cause the application to crash.

Added: Apr 4, 2026, 2:24 PM

Updated: Apr 4, 2026, 2:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

5.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

5.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft VSCO Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating