CVE-2017-12480

Name of the Vulnerable Software and Affected Versions Sandboxie installer version 5071703

Description The issue concerns a DLL Hijacking or Unsafe DLL Loading vulnerability. This can be exploited via a Trojan horse dwmapi.dll or profapi.dll file placed in an AppDataLocalTemp directory.

Recommendations For version 5071703, consider removing or restricting access to the dwmapi.dll and profapi.dll files in the AppDataLocalTemp directory to minimize the risk of exploitation. As a temporary workaround, avoid using the Sandboxie installer until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.