CVE Details
Basic Information
| Title |
CVE-2025-46714 |
| Type |
cve |
| Published |
2025-05-22T13:15:57 |
| Last Seen |
2025-05-22T13:22:20 |
CVSS Information
| Base Score |
7.8 (HIGH) |
| Attack Vector |
LOCAL |
| Attack Complexity |
LOW |
| Privileges Required |
LOW |
| User Interaction |
NONE |
| Scope |
UNCHANGED |
| Confidentiality Impact |
HIGH |
| Integrity Impact |
HIGH |
| Availability Impact |
HIGH |
AI Analysis
| AI Description |
A vulnerability in Sandboxie’s API_GET_SECURE_PARAM function due to arithmetic overflow could allow attackers to execute arbitrary code, affecting versions from 1.3.0 to 1.15.12. |
| AI Severity |
High |
| Vendor |
Sophos |
| Product |
Sandboxie |
| Affected Version |
1.3.0 to 1.15.12 |
Additional Information
| CVE List |
CVE-2025-46714 |
| CWE List |
CWE-120 |
| Bulletin Family |
cve |
Description
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to 1.15.12, API_GET_SECURE_PARAM has an arithmetic overflow leading to a small memory allocation…
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)
View Full CVE Details
