Outlook Password Recovery Buffer Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in Outlook Password Recovery version 2.10. It allows a local attacker to cause a denial-of-service condition by crashing the application with an oversized input. Exploitation involves creating a text file containing 6000 bytes of data and pasting its contents into the 'User Name and Registration Code' field.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to crash.

Reproduction

To reproduce this vulnerability, create a text file named 'Evil.txt' containing 6000 bytes of data. Open Outlook Password Recovery version 2.10 and copy the contents of 'Evil.txt' into the 'User Name and Registration Code' field. Click 'OK' to trigger the application crash.
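
Mitigation example (added here, not taken from the vendor's code or from the original advisory): a C handler for a user name / registration code dialog that rejects oversized input instead of copying it into a fixed buffer. The 64-byte limit, the printable-ASCII policy, the names registration_t and set_registration, and the strcpy-style pattern in the comment are all assumptions, since the advisory does not describe the application's code.

```c
#include <stdio.h>
#include <string.h>

/* Assumed field limit: the advisory does not state the real buffer size. */
#define FIELD_MAX 64

typedef struct { char user_name[FIELD_MAX + 1]; char reg_code[FIELD_MAX + 1]; } registration_t;
typedef enum { REG_OK, REG_NULL_ARG, REG_EMPTY, REG_TOO_LONG, REG_BAD_CHAR } reg_status;

/* Unsafe pattern, shown for contrast only (assumed, not compiled in):
 *     strcpy(reg->user_name, input);    unbounded copy into a fixed field */

/* Validate one field, then copy it. Oversized input is rejected, not truncated. */
static reg_status copy_field(char *dst, const char *src)
{
    if (dst == NULL || src == NULL) return REG_NULL_ARG;
    size_t len = 0;
    while (len <= FIELD_MAX && src[len] != '\0') len++;  /* scans at most FIELD_MAX + 1 bytes */
    if (len == 0) return REG_EMPTY;
    if (len > FIELD_MAX) return REG_TOO_LONG;
    for (size_t i = 0; i < len; i++)                     /* printable ASCII only (assumed policy) */
        if (src[i] < 0x20 || src[i] > 0x7e) return REG_BAD_CHAR;
    memcpy(dst, src, len);
    dst[len] = '\0';
    return REG_OK;
}

/* Stage both fields so that a rejected value leaves *reg unchanged. */
reg_status set_registration(registration_t *reg, const char *name, const char *code)
{
    registration_t tmp = {0};
    if (reg == NULL) return REG_NULL_ARG;
    reg_status st = copy_field(tmp.user_name, name);
    if (st == REG_OK) st = copy_field(tmp.reg_code, code);
    if (st == REG_OK) *reg = tmp;
    return st;
}

int main(void)
{
    static char big[6001];                 /* constructed 6000-byte input, zero-terminated */
    memset(big, 'A', 6000);
    registration_t reg = {0};
    printf("6000 bytes -> %d\n", (int)set_registration(&reg, big, "ABCD-1234"));
    printf("normal     -> %d\n", (int)set_registration(&reg, "alice", "ABCD-1234"));
    return 0;
}
```

Rejecting rather than truncating means the dialog can report an error to the user, and the stored registration data is never left half-written.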

Added: Mar 11, 2026, 7:35 PM
Updated: Mar 11, 2026, 7:35 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 4.6
remediation: 0.0
relevance: 3.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.