Primary

Context

Sandboxie Buffer Overflow Vulnerability in SbieDrv.sys API_SET_SECURE_PARAM

Vulnerability

Patched

A buffer overflow vulnerability has been identified in Sandboxie versions 0.0.1 through prior to 1.15.12. The issue arises in the SbieDrv.sys component, specifically within the API_SET_SECURE_PARAM function. An arithmetic overflow in the memory allocation subsystem can lead to a smaller memory allocation than requested, allowing for a buffer overflow condition.

Impact

Exploitation of this vulnerability could lead to a buffer overflow, with the worst-case scenario allowing for arbitrary code execution.

Remediation

Users can upgrade to Sandboxie version 1.15.12 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

10.0

exploitability

4.6

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

10.0

exploitability

4.6

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Sandboxie Buffer Overflow Vulnerability in SbieDrv.sys API_SET_SECURE_PARAM

Vulnerability

Impact

Remediation

Affected Products

Sandboxie

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating