5 matches found
CVE-2025-46715
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiGetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to write t...
CVE-2025-46715
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiGetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to write t...
CVE-2025-46715 Sandboxie Arbitrary Kernel Write in SbieDrv.sys API (API_GET_SECURE_PARAM)
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiGetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to write t...
CVE-2025-46715 Sandboxie Arbitrary Kernel Write in SbieDrv.sys API (API_GET_SECURE_PARAM)
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiGetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to write t...
CVE-2025-46715
Sandboxie is affected by CVE-2025-46715 due to Api_GetSecureParam not sanitizing incoming pointers, allowing a kernel pointer to be written by GetRegValue to a chosen SBIE registry entry. This enables an attacker to dump registry contents via SbieDrv.sys on Windows systems, including low integrit...