CVE-2019-25551

Name of the Vulnerable Software and Affected Versions Sandboxie version 5.30

Description Sandboxie version 5.30 is subject to a denial of service condition. Local attackers can cause the application to crash by providing an overly long string within the Program Alerts configuration field. Specifically, pasting a buffer of approximately 5000 characters into the 'Select or enter a program' field during program alert configuration can trigger an application crash. The vulnerable configuration field is associated with program alert settings.

Recommendations Update to a newer version of Sandboxie that addresses this issue.