5 matches found
CVE-2026-34462
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...
CVE-2026-34462
Sandboxie-Plus (Windows) versions ≤ 1.17.2 are affected by a stack-based overflow in ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler due to copying a WCHAR boxname[34] into a WCHAR[40] buffer with wcscpy without verifying termination. The service pipe allows conn...
CVE-2026-34462 Sandboxie-Plus ProcessServer boxname stack buffer overflows via unterminated wide string copy
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...
EUVD-2026-27462
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...
PT-2026-37228
Name of the Vulnerable Software and Affected Versions Sandboxie-Plus versions prior to 1.17.3 Description Several ProcessServer handlers, specifically KillAllHandler, SuspendAllHandler, and RunSandboxedHandler, copy a boxname field from request structures into stack buffers using wcscpy without...