CVE-2019-25551

Medium CVSS: 6.9

Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attackers can paste a buffer of 5000 characters into the 'Select or enter a program' field during program alert configuration to trigger an application crash.

Vendor

Sandboxie-plus

Product

Sandboxie

CWE

CWE-1282

Yayın Tarihi

2026-03-21 13:16:17

Güncelleme

2026-03-23 17:06:40

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-1282 Sandboxie MEDIUM Sandboxie-plus 2026

Referanslar

https://www.exploit-db.com/exploits/46860 https://www.sandboxie.com https://www.vulncheck.com/advisories/sandboxie-denial-of-service-via-program-alerts-buffer-overflow

Benzer Kayıtlar

Critical

CVE-2025-64721

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.…

Medium

CVE-2025-54422

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.…

High

CVE-2025-46715

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in ve…

Medium

CVE-2025-46716

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in ve…

High

CVE-2025-46713

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in ve…

High

CVE-2025-46714

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in ve…