CVE Details
Basic Information
| Title |
CVE-2025-46716 |
| Type |
cve |
| Published |
2025-05-22T17:15:24 |
| Last Seen |
2025-05-22T17:22:45 |
CVSS Information
| Base Score |
5.5 (MEDIUM) |
| Attack Vector |
LOCAL |
| Attack Complexity |
LOW |
| Privileges Required |
LOW |
| User Interaction |
NONE |
| Scope |
UNCHANGED |
| Confidentiality Impact |
HIGH |
| Integrity Impact |
NONE |
| Availability Impact |
NONE |
AI Analysis
| AI Description |
A vulnerability in Sandboxie’s Api_SetSecureParam function could allow memory corruption due to improper pointer sanitization, affecting versions 1.3.0 to 1.15.12. |
| AI Severity |
High |
| Vendor |
Sophos |
| Product |
Sandboxie |
| Affected Version |
1.3.0 to 1.15.12 |
Additional Information
| CVE List |
CVE-2025-46716 |
| CWE List |
CWE-125 |
| Bulletin Family |
cve |
Description
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, Api_SetSecureParam fails to sanitize incoming pointers, and implicitly trusts that…
CVSS Score Summary
Base Score: %!f(string=#) (MEDIUM)
View Full CVE Details
