PT-2026-24772 · Top Password · Sql Server Password Changer Denial Of Service Exploit
Published
2026-03-11
·
Updated
2026-03-11
·
CVE-2019-25475
CVSS v3.1
6.2
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SQL Server Password Changer version 1.90
Description
The software contains a buffer overflow issue that allows local attackers to cause a denial of service. An attacker can inject 6000 bytes of data into the
User Name and Registration Code field to trigger this condition. The vulnerability allows attackers to crash the application by supplying an oversized payload.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sql Server Password Changer Denial Of Service Exploit