Exploitation Summary
EIP tracks 1 public exploit for CVE-2019-25475. PoCs published by Velayutham Selvaraj_ Praveen Thiyagarayam.
AI-analyzed exploit summary This exploit generates a large buffer of 'A' characters (6000 bytes) to trigger a denial-of-service (DoS) condition in SQL Server Password Changer v1.90 by overflowing a field input. The payload is written to a file (Evil.txt) and manually pasted into the application to cause a crash.
Description
SQL Server Password Changer 1.90 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can inject 6000 bytes of data into the User Name and Registration Code field to trigger a denial of service condition.
Exploits (1)
This exploit generates a large buffer of 'A' characters (6000 bytes) to trigger a denial-of-service (DoS) condition in SQL Server Password Changer v1.90 by overflowing a field input. The payload is written to a file (Evil.txt) and manually pasted into the application to cause a crash.
References (2)
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H