CVE-2019-25475

Medium CVSS: 6.9

SQL Server Password Changer 1.90 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can inject 6000 bytes of data into the User Name and Registration Code field to trigger a denial of service condition.

Vendor

Product

CWE

CWE-787

Yayın Tarihi

2026-03-11 19:16:01

Güncelleme

2026-03-12 21:08:22

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-787 MEDIUM 2026

Referanslar

https://www.exploit-db.com/exploits/47318 https://www.vulncheck.com/advisories/sql-server-password-changer-denial-of-service-buffer-overflow