216.73.217.176

CVE-2025-46714

· Published 22/05/2025 13:15 · Modified 23/05/2025 15:55

Labels: CVE-2025-46714 2025-05-22CVE-2025-46714CWE-120[email protected]

Essential information

Published
22/05/2025 13:15
Modified
23/05/2025 15:55
Author
Creator
CVSS
7.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to 1.15.12, API_GET_SECURE_PARAM has an arithmetic overflow leading to a small memory allocation and then a extremely large copy into the small allocation. Version 1.15.12 fixes the issue.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
sandboxie / sandboxie cpe:2.3:a:sandboxie:sandboxie:1.3.0-1.15.11:*:*:*:*:*:*:*

References