Primary

Context

Microsoft Eco Search Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Microsoft Eco Search version 1.0.2.0. This vulnerability allows local attackers to crash the application by entering an excessively long string, specifically a buffer of 950 or more characters, into the search bar. When a search is initiated, the application crashes.

Impact

Exploitation of this vulnerability leads to a crash of the application, causing a denial-of-service condition.

Reproduction

To reproduce this vulnerability, paste a buffer of 950 or more characters into the search bar of Microsoft Eco Search version 1.0.2.0. After entering the text, initiate a search, which will cause the application to crash.

Added: Apr 4, 2026, 2:22 PM

Updated: Apr 4, 2026, 2:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

5.2

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

5.2

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Eco Search Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating