216.73.217.176

CVE-2018-25244

· Published 04/04/2026 14:16 · Modified 04/04/2026 20:16

Labels: CVE-2018-25244 2026-04-04CVE-2018-25244CWE-1312[email protected]

Essential information

Published
04/04/2026 14:16
Modified
04/04/2026 20:16
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Eco Search 1.0.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar and trigger a crash by initiating a search operation.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
microsoft / eco search cpe:2.3:a:microsoft:eco_search:1.0.2.0:*:*:*:*:*:*:*

References