Sgayou

**Name of the Vulnerable Software and Affected Versions** Sandboxie versions 0.0.1 through 1.15.11 **Description** The issue is related to an arithmetic overflow in the memory allocation subsystem, which can lead to a buffer overflow. This occurs due to the `API SET SECURE PARAM` potentially causing a smaller allocation than requested. **Recommendations** For versions 0.0.1 through 1.15.11, update to version 1.15.12 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Sandboxie versions 1.3.0 through 1.15.12 **Description** The issue is related to an arithmetic overflow in the API GET SECURE PARAM, leading to a small memory allocation followed by an extremely large copy into the small allocation. **Recommendations** For versions 1.3.0 through 1.15.11, update to version 1.15.12 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Sandboxie versions 1.3.0 through 1.15.12 **Description** The issue arises from the failure of Api GetSecureParam to sanitize incoming pointers, implicitly trusting the pointer passed by the user as safe to write to. GetRegValue then writes the contents of the SBIE registry entry selected to this address. An attacker can pass in a kernel pointer, and the driver dumps the registry key contents to it. This can be triggered by anyone on the system, including low integrity Windows processes. **Recommendations** For versions prior to 1.15.12, update to version 1.15.12 to resolve the issue. As a temporary workaround, consider restricting access to the `Api GetSecureParam` function and `GetRegValue` until a patch is available. Avoid using the `SBIE` registry entry in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Sandboxie versions 1.3.0 through 1.15.12 **Description** The issue arises from the failure of Api SetSecureParam to sanitize incoming pointers, implicitly trusting the pointer passed by the user as safe to read from. This allows SetRegValue to read an arbitrary address, potentially a kernel pointer, into a HKLM Security SBIE registry value, which can later be retrieved by API GET SECURE PARAM. **Recommendations** For versions prior to 1.15.12, update to version 1.15.12 to resolve the issue. As a temporary workaround, consider restricting access to the Api SetSecureParam and SetRegValue functions until the update is applied.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned. **Description** The issue is related to the processing of ttembed input files, where certain files may cause an integer overflow. This overflow could potentially lead to corruption of the input file due to inadequate checking of return codes from `fgetc` and `fputc` function calls. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ttembed (affected versions not specified) **Description** An input validation flaw exists, allowing an attacker to trigger a denial of service condition by providing a crafted input file. This is due to ttembed trusting attacker-controlled values. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.