Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
SQL Server Password Changer Crashes from Oversized Input
CVE-2019-25475
Summary
The SQL Server Password Changer software can crash if an attacker enters more data than it expects, causing it to stop working. This could be exploited by a malicious user on the same network as the server, potentially disrupting the system. Update the software to the latest version to prevent this issue.
Original title
SQL Server Password Changer 1.90 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can inject 6000 bytes of ...
Original description
SQL Server Password Changer 1.90 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can inject 6000 bytes of data into the User Name and Registration Code field to trigger a denial of service condition.
nvd CVSS3.1
6.2
nvd CVSS4.0
6.9
Vulnerability type
CWE-787
Out-of-bounds Write
Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026