CVE-2018-25231
Buffer Overflow in HeidiSQL Logging Preferences Causes DoS
Publication date: 2026-03-30
Last updated on: 2026-04-08
Assigner: VulnCheck
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| heidisql | heidisql | to 9.5.0.5196 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2018-25231 is a denial of service (DoS) vulnerability in HeidiSQL version 9.5.0.5196. It occurs because the application does not properly control the input for the SQL log file path in the logging preferences. A local attacker can supply an excessively long file path as a buffer-overflow payload in the Preferences > Logging section, which causes the application to crash.
This vulnerability is classified under CWE-98, which relates to improper control of filename input. Exploiting this flaw requires local access but no special privileges or user interaction.
How can this vulnerability impact me?
The primary impact of this vulnerability is a denial of service condition. An attacker with local access can crash the HeidiSQL application by providing a specially crafted, excessively long file path in the logging preferences. This crash disrupts normal use of the application, potentially causing loss of productivity or interruption of database management tasks.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the HeidiSQL application version 9.5.0.5196 is installed and verifying if the SQL log file path field in Preferences > Logging contains an excessively long file path or buffer-overflow payload.
A practical detection method involves attempting to reproduce the denial of service by pasting a large string (for example, 5000 'A' characters) into the "Write SQL log to file" field in the Logging preferences and observing if the application crashes.
There are no specific network commands to detect this vulnerability since it is a local application issue, but on the system, you can check the installed HeidiSQL version using standard package or application version commands.
- On Windows, check HeidiSQL version via the application About dialog or by inspecting the executable properties.
- To test the vulnerability, create a text file with 5000 'A' characters (e.g., using a command like `python -c "print('A'*5000)" > bd.txt`), copy its content to clipboard, and paste it into the SQL log file path field in HeidiSQL Preferences > Logging.
- Observe if the application crashes, indicating the vulnerability is present.
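The version check described above, as an added PowerShell example (not part of the original page and not HeidiSQL's own tooling). The install paths are assumed defaults, the function names are hypothetical, and it assumes the executable's file-version resource carries the same four-part number as the product version in the table above.

```powershell
# Added example: flag HeidiSQL executables whose file version falls inside the
# affected range listed on this page (up to and including 9.5.0.5196).
$AffectedMax = [version]'9.5.0.5196'

function Test-HeidiSqlAffected {
    param([string]$Version)
    # Pad "9.5" or "9.5.0" to four numeric parts; [version] treats missing
    # parts as -1, which would skew the comparison.
    $parts = @("$Version".Trim() -split '\.')
    $bad   = @($parts | Where-Object { $_ -notmatch '^\d{1,9}$' })
    if ($parts.Count -gt 4 -or $bad.Count -gt 0) {
        return $null   # unparseable: report as unknown rather than guess
    }
    while ($parts.Count -lt 4) { $parts += '0' }
    # True means "inside the listed range"; False only means "outside it".
    return ([version]($parts -join '.')) -le $AffectedMax
}

function Get-HeidiSqlInstall {
    param([string[]]$Path = @(
        "$env:ProgramFiles\HeidiSQL\heidisql.exe",         # assumed default path
        "${env:ProgramFiles(x86)}\HeidiSQL\heidisql.exe"   # assumed default path
    ))
    foreach ($p in $Path) {
        if (-not (Test-Path -LiteralPath $p -PathType Leaf)) { continue }
        # Build the version from the numeric fields; the FileVersion string
        # can contain free text that does not parse.
        $vi = (Get-Item -LiteralPath $p).VersionInfo
        $v  = '{0}.{1}.{2}.{3}' -f $vi.FileMajorPart, $vi.FileMinorPart,
                                   $vi.FileBuildPart, $vi.FilePrivatePart
        [pscustomobject]@{
            Path     = $p
            Version  = $v
            Affected = Test-HeidiSqlAffected $v
        }
    }
}

# Constructed version strings exercising the comparison (not inventory data).
'9.5.0.5196', '9.5.0.5195', '9.5.0.5197', '10.0', 'unknown' | ForEach-Object {
    '{0,-12} affected={1}' -f $_, (Test-HeidiSqlAffected $_)
}

# Scan the assumed install locations on this machine; pass -Path for portable copies.
Get-HeidiSqlInstall | Format-Table -AutoSize
```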
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, avoid entering excessively long file paths or untrusted input into the SQL log file path field in HeidiSQL's Preferences > Logging.
Restrict local user access to the HeidiSQL application to prevent exploitation by local attackers.
If possible, update HeidiSQL to a version where this vulnerability is fixed or apply any available patches.
As a temporary workaround, disable SQL logging or avoid modifying the logging preferences until a fix is applied.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not include any details on how the CVE-2018-25231 vulnerability affects compliance with common standards or regulations such as GDPR or HIPAA.