RSS   Vulnerabilities for 'Sandboxie'   RSS

2022-05-04
 
CVE-2022-28067

CWE-863
 
 
An incorrect access control issue in Sandboxie Classic v5.55.13 allows attackers to cause a Denial of Service (DoS) in the Sandbox via a crafted executable.

 
2018-10-29
 
CVE-2018-18748

CWE-20
 
 
** DISPUTED ** Sandboxie 5.26 allows a Sandbox Escape via an "import os" statement, followed by os.system("cmd") or os.system("powershell"), within a .py file. NOTE: the vendor disputes this issue because the observed behavior is consistent with the product's intended functionality.

 

 >>> Vendor: Sandboxie 2 Products
Sandboxie installer
Sandboxie

Copyright 2024, cxsecurity.com

 

Back to Top