Primary

Context

MSN Password Recovery Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in MSN Password Recovery version 1.30. This issue allows attackers to crash the application by entering an excessively large input in the registration code field. By generating a 9000-byte buffer of repeated characters and pasting it into the 'User Name and Registration Code' field, the application can be forced to crash.

Impact

Exploiting this vulnerability leads to a crash of the MSN Password Recovery application, causing a denial-of-service condition.

Reproduction

To reproduce this vulnerability, download and install MSN Password Recovery version 1.30. After installation, run a Python script that creates a text file containing a 9000-byte buffer of repeated characters. Open MSN Password Recovery and paste the contents of the text file into the 'User Name and Registration Code' field. Click 'OK' to trigger the application crash.

Added: Feb 11, 2026, 9:30 PM

Updated: Feb 11, 2026, 9:30 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.6

remediation

0.0

relevance

3.0

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.6

remediation

0.0

relevance

3.0

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MSN Password Recovery Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating