iDailyDiary Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in iDailyDiary version 4.30. This issue allows attackers to crash the application by overflowing the tab name field in the preferences. Pasting a 2,000,000-character buffer into the default diary tab name crashes the application.
Impact
Exploiting this vulnerability leads to a crash of the iDailyDiary application, causing a denial-of-service condition where the application becomes unresponsive or unavailable to the user.
Reproduction
To reproduce this vulnerability, open iDailyDiary 4.30 and create a new diary. After naming the diary and selecting the option 'Do not prompt for password', navigate to the 'Preferences' tab. In the 'Tabs' section, paste a 2,000,000-character buffer into the 'Default diary tab name when creating new tabs' field and click 'Apply'. The application then crashes.
