Home

Description

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 0.0.1 and prior to 1.15.12, API_SET_SECURE_PARAM may have an arithmetic overflow deep in the memory allocation subsystem that would lead to a smaller allocation than requested, and a buffer overflow. Version 1.15.12 fixes the issue.

PUBLISHED Reserved 2025-04-28 | Published 2025-05-22 | Updated 2025-05-22 | Assigner GitHub_M




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Product status

>= 0.0.1, , 1.15.12
affected

References

github.com/...dboxie/security/advisories/GHSA-5g85-6p6v-r479

cve.org (CVE-2025-46713)

nvd.nist.gov (CVE-2025-46713)

Download JSON