CVE-2019-25598

CVSS v3.1

6.2

Medium

AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

HeidiSQL Portable 10.1.0.5464 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Attackers can paste a buffer overflow payload into the password input during Microsoft SQL Server login to trigger an application crash.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2019-25598

Affected Products

Heidisql Portable

CVE-2019-25598

Weakness Enumeration

Related Identifiers

Affected Products

References · 5